Nefilim ransomware operators claim to have hacked the SPIE group

Nefilim ransomware operators allegedly targeted the SPIE group, an independent European leader in multi-technical services.

Researchers from threat intelligence firm Cyble reported that Nefilim ransomware operators allegedly hacked The SPIE Group, an independent European leader in multi-technical services.

The number of ransomware attacks continues to increase, hackers also steal victims’ data and threaten them to release the stolen info if they don’t pay the ransom.

During darkweb and deepweb monitoring, the Cyble Research Team discovered a post from Nefilim ransomware operators in which they claimed to have breached The SPIE Group.

The ransomware gang also revealed to have stolen the company’s sensitive data.

The SPIE Group provides multi-technical services in the areas of energy and communications, it has more than 47,200 employees and in 2019 it reported consolidated revenues of €6.9 billion and consolidated EBITA of €416 million.

Nefilim ransomware operators also released the first batch of file threatens to release other documents. Cyble experts analyzed the material, the first lot of data contains around 11.5 GB.

“The data leak seems to consist of corporate operational documents which include the company’s telecom services contracts, dissolution legal documents, power of attorney documents, infrastructure group reconstructions contracts, and much more.” reported Cyble.

The Nefilim ransomware operators released a total of 65,042 files contained in 18,551 data folders.

Nefilim ransomware operators continue to be very active in this period, recently the group targeted the Dussmann group, the German largest private multi-service provider and Orange S.A., one of the largest mobile networks based in France.

Below a list of tips provided by Cyble to prevent ransomware attacks:

• Never click on unverified/unidentified links
• Do not open untrusted email attachments
• Only download from sites you trust
• Never use unfamiliar USBs
• Use security software and keep it updated
• Backup your data periodically
• Isolate the infected system from the network
• Use mail server content scanning and filtering
• Never pay the ransom.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, SPIE group)

[adrotate banner=”5″]

[adrotate banner=”13″]