"Whirlpool Hit With Ransomware Attack"
The major appliances giant Whirlpool acknowledges it was hit with a ransomware attack in November. Whirlpool stated that they were unaware of any consumer information being exposed because of the attack and that the ransomware is not causing any operational difficulties at this time. The cyber gang behind the ransomware attack was the Nefilim group. Emsisoft Threat analysts discovered that the cyber gang had posted two files to its wall-of-shame news site with information it claims is from Whirlpool. The Nefilim group is best known for going after organizations that use unpatched or poorly secured Citrix remote-access technology, then stealing data, unleashing crypto-locking malware, and using the threat of exfiltrated data being publicly dumped to try to force payment. In June, New Zeland's Cert stated that organizations hit with a typical Nefilim attack would see files with a .NEFILIM extension, a file called NEFILIM-DECRYPT.txt may be placed on affected systems, and batch files created in C:WindowsTemp.
Data Breach Today reports: "Whirlpool Hit With Ransomware Attack"