A hacker attack is putting the Mediaworld electronics shop chain in serious trouble.
Attack on Mediamarkt: how hackers hit Mediaworld
It was actually Mediamarkt, the Dusseldorf-based company that owns Mediaworld, that was targeted. Hit by a hacker attack, it allegedly received a ransom demand for $50 million in Bitcoin.
This is resulting in major disruptions in the company’s shops, including Mediaworld. The shops remain open and direct sales are still active, but the terminals are reportedly down. As reported by RTL Nieuws, no returns are possible.
The damage to the company is enormous, considering that the attack took place in the weeks leading up to Black Friday, the official start of Christmas shopping.
The signature was allegedly provided by the Hive hacker group. The hackers used ransomware, a type of virus that encrypts files and makes them inaccessible until a ransom is paid.
The Hive group is well known in the news. In recent months, it has hit three US hospitals. The strange thing is that it even has its own website where it reports on attacks and stolen public data.
In the case of Mediamarkt, they probably acted with a phishing e-mail, which then blocked several computers. On these, a threatening message would now appear:
“Your network has been hacked and all data has been encrypted. To regain access to all your data, you must purchase our decryption software”.
The warning from the FBI
In recent months, the FBI has issued a warning about this group of hackers and how they operate. It explained the system they use to hack the network, the traces they leave behind, and the instructions contained in a txt file. Finally, it said how the ransom is demanded. Usually, the Hive group leaves a link to a real sales platform accessible from the Tor browser, where the decryption file can be purchased. In addition, the hackers give between 2 and 6 days to pay the ransom, which is usually extended after contact has been made, which can also be by telephone.
If the ransom is not paid, not only does the network remain blocked, but hackers threaten to spread the stolen data on the dark web.
The year of ransomware
2021 will be remembered as the year of the significant ransomware attacks. The attack on MediaMarkt is the latest in a long line.
In Italy, the Lazio region and the SIAE were affected by similar attacks.
In the United States, Colonial Pipeline caused a sensation when it paid a ransom of 63.7 Bitcoin, which were later recovered by the FBI.
In addition to paying attention to IT security, law enforcement agencies recommend not paying ransoms and reporting attacks.