Nefilim ransomware operators claim to have hacked the SPIE group

August 10, 2020  By Pierluigi Paganini


Nefilim ransomware operators allegedly targeted the SPIE group, an independent European leader in multi-technical services.

Researchers from threat intelligence firm Cyble reported that Nefilim ransomware operators allegedly hacked The SPIE Group, an independent European leader in multi-technical services.

The number of ransomware attacks continues to increase, hackers also steal victims’ data and threaten them to release the stolen info if they don’t pay the ransom.

During darkweb and deepweb monitoring, the Cyble Research Team discovered a post from Nefilim ransomware operators in which they claimed to have breached The SPIE Group.

Nefilim ransomware SPIE group

The ransomware gang also revealed to have stolen the company’s sensitive data.

The SPIE Group provides multi-technical services in the areas of energy and communications, it has more than 47,200 employees and in 2019 it reported consolidated revenues of €6.9 billion and consolidated EBITA of €416 million.

Nefilim ransomware operators also released the first batch of file threatens to release other documents. Cyble experts analyzed the material, the first lot of data contains around 11.5 GB.

“The data leak seems to consist of corporate operational documents which include the company’s telecom services contracts, dissolution legal documents, power of attorney documents, infrastructure group reconstructions contracts, and much more.” reported Cyble.

The Nefilim ransomware operators released a total of 65,042 files contained in 18,551 data folders.

Nefilim ransomware operators continue to be very active in this period, recently the group targeted the Dussmann group, the German largest private multi-service provider and Orange S.A., one of the largest mobile networks based in France.

Below a list of tips provided by Cyble to prevent ransomware attacks:

  • Never click on unverified/unidentified links
  • Do not open untrusted email attachments
  • Only download from sites you trust
  • Never use unfamiliar USBs
  • Use security software and keep it updated
  • Backup your data periodically
  • Isolate the infected system from the network
  • Use mail server content scanning and filtering
  • Never pay the ransom.
[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, SPIE group)

[adrotate banner=”5″]

[adrotate banner=”13″]



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

NCSC Director warns of interference on elections tied to Russia, China, Iran

 The Director of the U.S. National Counterintelligence and Security Center (NCSC) shared info on attempts of influence...