1 August 2022

Natural gas pipeline operator Creos Luxembourg reportedly hit with ransomware


Natural gas pipeline operator Creos Luxembourg reportedly hit with ransomware

A cybercrime gang behind the AlphV ransomware said it successfully attacked Creos Luxembourg, an operator of electricity networks and natural gas pipelines in the Grand Duchy of Luxembourg.

Last week, Creos confirmed it suffered a cyberattack, which took place during the night of July 22-23, 2022. The company did not disclose the nature of the cyber incident, but said that the supply of electricity and gas was not affected.

On their dark web data leak site the AlphV (better known as BlackCat) operators claimed to have breached Creos Luxembourg and stolen more than 150 GB of corporate data, including sensitive information such as contracts, agreements, copies of IDs, invoices, emails and more. The ransomware operators also promised to release more files in the near future.

The AlphV/BlackCat ransomware is believed to be a rebrand of the BlackMatter ransomware which was a rebrand of the DarkSide ransomware that hit the energy pipeline operator Colonial Pipeline, one of the US' largest pipelines, in May 2021. Due to the attack Colonial Pipeline temporarily shut down its 5,500 miles of pipeline to contain the threat.

In May 2022, the US Pipeline and Hazardous Materials Safety Administration (PHMSA) proposed a nearly $1 million fine for management failures at Colonial Pipeline that contributed to widespread fuel shortages along the US East Cost following a 2021 ransomware attack.


Back to the list

Latest Posts

Argentina's Judiciary of Cordoba targeted with ransomware

Argentina's Judiciary of Cordoba targeted with ransomware

The incident described as “worst attack on public institutions in history” impacted the agency’s website, digital services and databases.
16 August 2022
Microsoft disrupts Russian espionage hacker group targeting NATO countries and Ukraine

Microsoft disrupts Russian espionage hacker group targeting NATO countries and Ukraine

The group’s targets include defense and intelligence consulting companies, NGOs, IGOs, and higher education institutions.
16 August 2022
Russia-linked Gamaredon is continuing to target Ukrainian orgs with info-stealers

Russia-linked Gamaredon is continuing to target Ukrainian orgs with info-stealers

In the observed campaign the attackers leveraged a self-extracting 7-Zip file, which was downloaded via the system’s default browser.
15 August 2022