Grief ransomware attack in the Municipality of Thessaloniki - What do hackers want? The Municipality of Thessaloniki has fallen victim to a Grief ransomware attack, after hackers locked files and demanded ransom to hand over the decryption key.
However, according to what the SuspectFile, when they did not receive the money they asked for in return, they started publishing files of the Municipality.
It is worth mentioning that the leaked files are available to SecNews and the Authorities (thanks to Suspectfile ). For reasons of protection of confidentiality and society as a whole we can not publish relevant details. However, as we found out, these are documents of the Municipality of Thessaloniki and its services, which are now exposed on the internet by hackers. In addition, it is worth mentioning that the hackers have announced that they will proceed with the total distribution of the files at their disposal (compared to a small part of those that have already been published).
The first information that has come to light speaks of a ransom of 20 million euros, which the Municipality of Thessaloniki does not intend to pay, as the information says that it has a backup of the files and there is no need to unlock these files.
Grief is a lesser known ransomware group that claims to have stolen data from 26 organizations. Interestingly, the Grief WEB site on the TOR network has "anti-detection" protection that prevents cybersecurity researchers from automating the indexing of their content by various cyber threat information platforms as well as their bots.
Grief had even published the data of some of these organizations, which apparently did not succumb to its blackmail.
The Grief team has decided that it wants to differentiate itself from other cybercriminals. SuspectFile that he was adopting a new (criminal) modus operandi. In a statement released to SuspectFile, he assured that victims would never be given lower ransom prices, let alone long-term negotiations.
See also: US: China accused of ransomware attacks
However, it seems that their threats obviously do not bring the expected results. In fact, many of the 26 entities that exist to date on the group's website have not decided to pay and therefore succumb to the blackmail of a group that has proven to be not very credible and stable, as in another statement that made to this site, had assured her lack of interest in medical and health organizations.
Grief's lack of credibility and stability was "realized" a few days later, when among the victims was Rehabilitation Support Services, Inc., an American medical and health organization that offers help to people suffering from alcoholism and mental illness. Stay tuned for more news about the attack in the city of Thessaloniki.