Revil ransomware gang (aka Sodinokibi)
On its official blog accessible via Tor browser, as seen by Hackread.com, the ransomware operator claims to have “downloaded databases and other important data” belonging to the telecom giant.
SEE: Police just seized DoubleVPN – Bad news for ransomware gangs
As proof of its hack, the group has also shared screenshots apparently of the stolen MasMovil data that shows folders named Backup, RESELLERS, PARLEM, and OCU, etc.
It is worth noting that at the time of publishing this article; MasMovil had acknowledged the ransomware attack however, there was no demand for ransom from the Revil gang.
The attack structure of the Revil ransomware operator follows the same modus operandi as other ransomware groups such as breaching the security of its target, stealing data and locking the files on the victim’s system and demand ransom payment for decrypter key/tool.
Revil means bad news
For those unaware of Revil’s activities; the group is known for targeting high-profile businesses and organizations. For instance, on June 15th, 2021, Revil claimed to breach US nuclear weapons contractor Sol Oriens.
The same group was also behind the breach against Apple supplier Quanta in April 2021 while earlier in March this year the ransomware operators targeted technology giant Acer and demanded a ransom of $50 million.
How big is MasMovil in Spain?
As for MasMovil; the telecom operator is big in Spain. The Group’s fixed network reaches 18 million households with ADSL and close to 26 million with optical fiber. Its 4G mobile network covers 98,5% of the Spanish population.
The company also owns brands like Yoigo, Pepephone, Llamaya, Lebara. It is unclear what is next for MasMovil. Nevertheless, Hackread.com is keeping an eye on the situation and will be updating this article accordingly.
💸 If you were the victim of a #ransomware attack, paying the ransom doesn’t guarantee you’ll get a decryption key or your data back from cybercriminals. Eliminate the need to pay – back up your data and patch your computer often! https://t.co/BuYmxnWdyK #Cybersecurity pic.twitter.com/VdwqP8cymn
— US-CERT (@USCERT_gov) July 1, 2021
Did you enjoy reading this article? Like our page on Facebook and follow us on Twitter.