Η Software AG, one of the largest software companies, fell victim ransomware attack resulting in some more problems.
The attack took place on Saturday, October 3. It is said that one gang ransomware, named “Clop", Violated the internal network of the company, encrypt them systems and asked for more than $ 20 million to provide the decryption key.
Apparently, Software AG refused to pay the ransom to the ransomware gang and so the hackers posted screenshots with data which had been stolen from the company before the encryption. The criminals leaked them data at their leak site at Dark web.
Exposed items include: employee passports and IDs, emails employees, financial documents and lists from the company's internal network.
Software AG revealed the incident on Monday, October 5, when it said it was dealing with it holidays within its network “Because malware attack ”.
The company said customer service, including cloud-based services, remained unaffected. He also said that they did not exist data to prove that customer information was affected. However, two days after this statement, Software AG issued a press release acknowledging that there was theft of data.
A copy of ransomware binary, used against Software AG, was discovered by the researcher security MalwareHunterTeam. As mentioned above, hackers demanded more than $ 20 million from the company, one of the largest sums demanded in a ransomware attack.
According to ZDNet, the ID provided in this ransom note allows security investigators to view online chats between the Clop gang and Software AG on a web portal run by the ransomware team. At present, it appears that company has not paid the ransom.
Software AG is the Germany's second largest company and has more than 10.000 customers in 70 countries. The company has significant customers, such as Fujitsu, Telefonica, Vodafone, DHL and Airbus.