Spanish multinational security firm Prosegur has been hit by Ryuk ransomware, the notorious Trojan virus that encrypts files on a compromiseddevice and typically demands payment in Bitcoin to decrypt them.
As a result of the attack, the company, which reportedly employs 170,000 people across the globe, has shut down its IT network and its employees were reportedly sent home.
The firm, which is credited as being one of the world’s biggest provider of armored vehicles to transport cash, said on Twitter that it had taken “maximum security measures” to avoid propagating the ransomware both internally and externally.
Statement on information security incident pic.twitter.com/5AkBvq1OwY
— Prosegur (@Prosegur) November 27, 2019
Prosegur incident is just over a day old, customers and resellers are taking to Twitter saying alarms aren’t working and resellers saying they’re getting abusive calls from their customers. An entire ecosystem of security and cash handling services are up in the air. pic.twitter.com/dGtfMRr3Y4
— Kevin Beaumont (@GossiTheDog) November 28, 2019
However, Prosegur’s website was up and running at press time.
This strand of ransomware has been reeking havoc for months.
Although victims are typically advised not to pay the requested ransom, figures from earlier this year suggest that Ryuk had collected more than 705BTC in just five months — approximately worth $3.7 million at the time.
In fact, Ryuk is held responsible for the 90-percent uptick in cryptocurrency ransomware payments.