NEW Cooperative, Iowa based farmer’s feed and grain cooperative was hit by BlackMatter ransomware gang who is demanding a $5.9 million ransom.
The gang claims to have stolen 1,000 GB of data and are threatening to double the ransom if it is not paid in five days.
The stolen data includes the source code for the soilmap.com project, financial info, network information, R&D results, sensitive employee information, legal and executive info, and KeePass export.
The organization stated that the ransomware infected some of its systems, and that they have taken its systems offline to prevent the threat from spreading. The cooperative also claims to have successfully contained the threat.
NEW Cooperative notified law enforcement and have hired cybersecurity experts to investigate the attack.
The BlackMatter group that claims to be the successor of Darkside and REvil groups, launched its operations at the end of July. BlackMatter also has a leak site, in which it will publish data exfiltrated from the victims before encrypting their system.
The researchers at Recorded Future first spotted the BlackMatter ransomware and found that the gang is setting up a network of affiliates using ads posted on two cybercrime forums, such as Exploit and XSS.
The group is recruiting hackers who has access to the networks of large enterprises having revenues of $100 million/year or larger, in order to infect them with its ransomware.
BlackMatter ransomware operators announced that they will not target healthcare organizations, critical infrastructure, organizations in the defense industry, and non-profit companies.
Image Credits : Techilive