A spanish – based international security service provider Prosegur fell victim to an infection with the ransomware.
Prosegur claims to be active in 25 countries on many continents. The company employs over 150,000 people worldwide. The services include the transportation of money and valuables as well as the planning, installation and maintenance of hazard detection systems.
Targeted Spam Nails To Company Employees
There is currently no information on how much data has actually spread across the security service provider’s network. The ransomware often gets onto the systems by means of targeted spam mails to company employees. On the social networks, individual Prosegur customers reported that they could not access the customer area either via the mobile app or via the browser. The Prosegur website was unavailable for some time. At the moment, this still applies to some subpages of prosegur’s website. The company then activated the emergency procedures for such incidents and shutdown the internal company network. The IT department is in the process of cleaning the systems from the ransomware and preparing them for normal operation: how long this will take is currently unknown.
Ryuk Is Now Under Control
There are various reports on the exact dimensions. Prosegur confirmed, among other things via Twitter, that the company was a victim of Ryuk and Emotet. According to the company, the vulnerability through which the Trojan entered the system was found and plugged. Ryuk is now under control, the company said. Nevertheless, the attack, which was probably not aimed specifically against Prosegur, but was a general attack, led to the failure of numerous branches of the company. The regular daily routine was completely disrupted because the group took parts of its IT offline for security reasons. All systems were therefore shut down. As a result, the effects were felt worldwide.