28 October 2020

Italian energy giant Enel suffers Netwalker ransomware attack


Italian energy giant Enel suffers Netwalker ransomware attack

The Italian multinational energy giant Enel Group has been hit with a ransomware attack for the second time this year. This time the company’s systems have been infected with the Netwalker ransomware with the attackers demanding a $14 million ransom for the decryption key.

The cybercriminals behind the Netwalker ransomware operation claim to have stolen nearly 5 terabytes data from the company and threaten to release the information on their leak site.

The news of a possible cyber-attack against Enel Group was first reported by Bleeping Computer that received a Netwalker ransom note from a researcher. The ransom note included a link showing data allegedly stolen from Enel Group.

Bleeping Computer said it contacted the company last week about the cyber-attack but received no response. A few days later, Netwalker announced the leak of the company data through their support chat. Apparently, Enel never contacted the ransomware operators and they decided to leak portion of the stolen data to force the company into paying the ransom, which is now $14 million (1234.02380000 BTC).

The Netwalker ransomware group added Enel Group to their data leak site and published screenshots of unencrypted files stolen from the company. They also announced they will “analyze every file for interesting things” and release it on their leak site.

In early June, Enel's internal network was hit by the Snake (EKANS) ransomware, but the attempt was thwarted before the malware could spread.

Back to the list

Latest Posts

Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

Spyware makers and state-backed hackers are primary culprits behind rise in zero-day exploits, Google says

97 zero-day flaws were exploited in-the-wild in 2023, marking an increase of over 50% compared to 2022.
27 March 2024
Sophisticated malware campaign targeting end-of-life routers and IoT devices

Sophisticated malware campaign targeting end-of-life routers and IoT devices

A recent campaign targeted over 6,000 ASUS routers in less than 72 hours.
27 March 2024
Chinese APT groups target Southeast Asian nations in cyberespionage campaigns

Chinese APT groups target Southeast Asian nations in cyberespionage campaigns

The observed cyberattack employed phishing emails as the primary method of infiltration.
27 March 2024