Petroleos Mexicanos (PEMEX), a state-owned petroleum company established in 1938, has suffered a ransomware attack that has succeeded in shutting down its computers and online payment systems. The hackers are demanding for 565 BTC and have given the firm a 48-hour deadline to send the money.
DoppelPaymer Attacks PEMEX
In a fresh bitcoin (BTC) ransomware attack, Mexico’s state-run petroleum company has been targeted by crypto thieves looking to get $5 million richer.
Per sources close to the matter, a group of bad actors has succeeded in infecting the computer and payment systems of PEMEX with the “Ryuk” ransomware strain, which reportedly targets only firms with annual revenue between $500 to $1 billion.
Though Pemex claims its storage and distribution facilities were not affected by the attack, some employees of the firm have hinted that the hack forced the company to quickly shut down its computers, as well as payments systems across the nation, and employees had to communicate via WhatsApp, as they could not access their emails.
“In finances, all the computers have been infected, there could eventually be problems with payments,” declared an anonymous source.
According to a ransomware note written by the rogue actors, the ransomware attack was orchestrated by the hacking team of an unnamed darknet website associated with the DoppelPaymer ransomware.
Hackers Not Giving Up
Despite the severity of the attack, the PEMEX team has stated that only 5 percent of its entire computer systems were infected and the firm has started reconnecting unaffected computers to its network using software patches, while also formatting infected computers. However it’s still unclear whether its communication lines have been restored.
Even with the recent decline in the price of Bitcoin, bad actors keep devising various means to take advantage of the dip.
Earlier in July 2019, BTCManager informed that Munroe College in Manhattan, New York had been targeted by a $1.9 million (170 BTC) ransomware attack that shut down its entire computer network.
More recently, in October 2019, Jerez de la Frontera also experienced a severe ransomware attack that crippled its online processes.