The ransomware group NetWalker infected the computers of the Austrian city of Weiz with ransomware. The data obtained in the process have now been partially published. The small town of Weiz is located in Eastern Austria and is the economic center of the region. Offshoots of several large companies such as automotive suppliers as well as construction companies maintain operating facilities there.
Corona Virus Is Probably Used As Bait
Obviously, at least some of the city administrations computers are infected by the ransomware, and the malware may even have infected the entire municipal network. The information about this incident comes from the ransomware group itself, which announced the successful cyber attack. Sample data has been public at least since May 20. So far, the city has kept itself covered with information. So far, there is no relevant information. It appears to be a relatively new variant of a ransomware family. The malware is usually distributed with downloads or in email attachments. Although the phrase information about the corona virus is probably used as bait.
The Attack Was Probably Carried Out Via Phishing Emails
The ransomware is distributed and spreads if the victim is successfully infected in the Windows network. Files on all accessible drives are encrypted and backup copies are deleted. Details on the encrypted files, the registry entries manipulated in the infection and the stored malicious routines can be found in the Netwalker ransomware.
City Council Data Has Been Published
It has now been proven that the city administration systems were successfully infected by malware. A tweet draws attention to the fact that the Netwalker ransomware group claims a successful attack. During further research, the author of the article came across a report by the security company. Their security researchers have sample files published by the ransomware group on the internet.