Robotics Company Falls Prey to Ransomware Attack

Published at: June 12, 2020

Ransomware gang REvil, known for launching stolen data auctions on the dark web, is now leaking sensitive documents stolen from a US-based robotics company.

According to an official blog post from REvil on June 11, the team has started leaking confidential data belonging to Symbotic LLC. The post noted:

“You do not want to speak with us and you probably think that we will not publish your data. We are already publishing.”

The cybercriminal group stated that they’d created a website and paid for the hosting for a year. They threatened to make the robotics company’s data visible for “a very long time in public.”

Sensitive data leaked

Leaked data includes employee names, addresses, SSNs, salary details, non-competition agreements, and more. The group reportedly asked for both Bitcoin (BTC) and Monero (XMR) to cover the ransom payment.

The cybersecurity research team, Cyble, said the attack may have occurred in the first week of June.

Symbotic LLC was founded in 2007. They currently have a workforce of approximately 1,000 employees. They develop software and robotics solutions for supply chain manufacturers, distributors, and retailers.

Ransomware growing into “serious problem”

Speaking with Cointelegraph, Brett Callow, threat analyst at malware lab Emsisoft, commented:

“Ransomware attacks continue to be a serious problem, and that’s because companies continue to pay ransoms. The only way to stop attacks is to make them unprofitable and that means companies must improve their security so as not to be in the position of needing to pay ransoms. Too often, attacks succeed only because of subpar security, and that needs to change.”

Callow has said that it sounds like the ransomware gang may not be planning to auction the robotics company’s data. However, that shouldn’t be taken as a 100% confirmed fact. He says that REvil could act unpredictably at any time.

Cointelegraph recently reported that REvil had listed sensitive data from two US-based law firms.

Tags
Related Posts
Ransomware Gang Strikes Again With More Auctions Listing Stolen Data
Ransomware group REvil has started another auction on the dark web listing sensitive data stolen from two US-based law firms. The listing appeared June 6 through REvil’s official blog on the darknet, where bidders look to acquire 50GB of data from Fraser Wheeler & Courtney LLP and 1.2TB of data from the database of Vierra Magen Marcus LLP. Information auctioned includes client information, internal documentation of the company, electronic correspondence, patent agreements, business plans and projects, as well as new technologies that have yet to be patented. IP-related law firm among the victims The law firm Vierra Magen Marcus LLP …
Technology / June 8, 2020
Major Chilean bank shuts down all branches following ransomware attack
Banco Estado, the only public bank in Chile and one of the three largest in the country, had to shut down its nationwide operations on Monday due to a cyberattack that turned out to be a ransomware launched by REvil. According to a public statement, the branches will remain closed for at least one day, but clarified that customers’ funds have not been affected by the incident. Citing sources close to the investigation, ZDNet reported that the REvil ransomware gang is behind the attack. It reportedly originated from an Office document infected with the malware that an employee received and …
Technology / Sept. 8, 2020
Ransomware Gang Steals 10TB of Pics and Data From Canon
Multinational corporation Canon reportedly fell victim to a ransomware attack launched by Maze group against its email and storage services and its United States website on July 30. Maze has threatened to leak the pics and data if a crypto ransom is not paid. The image.canon site was out for six days, during which it showed updates. It went back into service on Aug. 4. Canon put out a statement that day about the attack, saying there had been no leak of image data, nor thumbnails of the photos stored in its cloud service. However, the severity of the attack …
Technology / Aug. 6, 2020
California University Pays Million-Dollar Crypto Ransom
The University of California at San Francisco School of Medicine reportedly paid a $1.14 million ransom in cryptocurrencies to the hackers behind a ransomware attack on June 1. According to CBS San Francisco, the UCSF IT staff first detected the security incident, stating that the attack launched by NetWalker group affected “a limited number of servers in the School of Medicine.” Although the areas were isolated by experts from the internal network, the hackers left the servers inaccessible and managed to deploy the ransomware successfully. A statement published by the University of California said: “The data that was encrypted is …
Technology / June 30, 2020
Aviation Database Struck By Unknown Ransomware Gang
Smartwatch maker and data-syncing service provider, Garmin, was the subject of a ransomware attack that took down several of its services on July 23, which managed to encrypt its internal network. According to a series of tweets published by the company, the Garmin Connect website and mobile app were affected by the hackers, plus the call centers and every customer support resources like replying emails, online chats, and handling calls. However, the nature of the attack was unveiled by ZDNet, who also stated that the cybercriminals also targeted flyGarmin, the company’s service that supports its line of aviation navigational equipment. …
Technology / July 25, 2020