27 January 2021

Pan-Asian retail giant Dairy Farm hit by REvil ransomware


Dairy Farm Group, a massive pan-Asian retail chain operator that runs numerous brands in the Asian market, including Wellcome, Giant, Cold Storage, Hero, 7-Eleven, Rose Pharmacy, GNC, Mannings, Ikea and Maxims, suffered a REvil ransomware attack this month, with hackers demanding $30 million in ransom.

According to the cybersecurity news website Bleeping Computer, it was contacted by a threat actor who claimed to be behind a ransomware attack against Dairy Farm Group that took place around January 14th, 2021. To back up the claim, the threat actor provided Bleeping Computer with a screenshot of the Active Directory Users and Computers MMC from the Dairy Farm network.

The attackers also claimed they still have access to Dairy Farm’s network, including full control over the company’s corporate email, which they plan to use for further phishing attacks.

“They cannot shut down their network because their business will stop. There is a group of revil partners who are still attacking this company, there are more than 30k hosts there,” the threat actor is quoted as saying.

Dairy Farm representatives confirmed that the company was hit by a cyber attack this month, but said that less than 2 percent of all company devices were affected.

“On Thursday, we identified an incident that impacted less than 2 per cent of our business servers. These were taken offline and isolated. As an additional precaution, we initiated a full and thorough investigation with the support of an external security specialist, introduced additional security measures and strengthened our monitoring systems further,” the company told Bleeping Computer.

Dairy Farm also added that it is not aware of any data being stolen during the attack.
