Systems at Spain’s largest managed service providers (MSP) Everis have been infected by a ransomware, and it was not alone because the also Spain’s largest radio station Cadena SER (Sociedad Española Radiodifusión) was a victim of a similar attack.
BleepingComputer, that first reported the news, revealed that systems at Everis were infected with the BitPaymer ransomware.
“After the attack began, Everis sent an internal notification saying that they “are suffering a massive virus attack on the Everis network. Please keep the PCs off.”” reported BleepingComputer.
“The network has been disconnected with clients and between offices. We will keep you updated. Please, send urgently the message directly to your teams and colleagues due to standard communication problems,” Everis added.
Files on the Everis systems were encrypted and the variant of BitPaymer ransomware involved in the attack added the .3v3r1s extension to their filenames, a circumstance that suggests it was a targeted attack.
The ransom note dropped on the infected systems warns the company against disclosing the attack, it doesn’t include the ransom amount, instead, it urges the company to contact the operators at the email addressed email@example.com and firstname.lastname@example.org.
According to the website
An anticipated, Cadena SER, the largest radio station network in Spain, was also infected with an unknown piece of ransomware. In response to the incident, the SER has disconnected all its computer systems from the network.
“The SER chain
“The technicians are already working for the progressive recovery of the local programming of each of their stations.”
The news of the ransomware attack against the SER chain was also reported by Spain’s Department of Homeland Security (Departamento de Seguridad Nacional).
It is interesting to notice, that BleepingComputer speculates a possible involvement of the BlueKeep vulnerability in the attacks.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.