Pierluigi Paganini November 28, 2019

A piece of the Ryuk Ransomware infected the network of the multinational cybersecurity firm Prosegur, forcing the company to shut down it.

The Spanish multinational security company Prosegur announced that it was of a ransomware attack that disrupted its telecommunication platform.

The network of the Prosegur firm was infected with a piece of the Ryuk ransomware, the company temporary limited communications with its customers to avoid the malware spreading.

The Spanish website Derecho de la Red confirmed the incident and reported that the employees were sent home, the infection affects all the locations in Europe of the company.

At the time of writing it is not clear when the network of the security firm was infected.

“It is unclear when Prosegur detected the incident, but some reports occurred before 6 a.m. (GMT+1), with some sources saying that the company network became unavailable around four in the morning, local time, and it is still down at the moment of writing.” reported BleepingComputer.

Below the update on the incident published by the company on Twitter a few minutes ago,

Recently similar incidents affected other Spanish organizations, NTT DATA-owned firm Everis​, one of Spain’s largest managed service providers (MSP), has suffered a ransomware attack. The systems of the company were infected with the BitPaymer ransomware. 

Spain’s largest radio station Cadena SER (Sociedad Española Radiodifusión) was also victim of a similar attack in the same period.

At the time of writing the company announced that the Ryuk ransomware was fully contained and the firm has deployed the necessary measures to contain the threat.

Pierluigi Paganini

(SecurityAffairs – hacking, ransomware)

[adrotate banner=”5″]

[adrotate banner=”13″]