Skip to content
Advertisements

Ransomware infects Ukraine energy ministry website

Hackers have used ransomware to take the website of Ukraine’s energy ministry offline and encrypt its files.

The website currently contains a message written in English, demanding a ransom of 0.1 bitcoin – worth $927.86 (£664.98) by today’s exchange rate.

Ukranian cyber-police spokeswoman Yulia Kvitko said the attack is an “isolated incident” and no other government websites have been affected.

She added that the energy ministry’s email system was still up and running.

“This case is not large-scale. If necessary, we are ready to react and help,” said Ms Kvitko.

“Our specialists are working right now… We do not know how long it will take to resolve the issue.”

Hacker ‘opportunists’

According to cyber-security research firm AlienVault, the hackers behind this cyber-attack have previously compromised other websites, but they have only made about £100 from their efforts.

AlienVault believes the energy ministry website has been attacked by two different hackers – the first hacker, who signs his name “X-zakaria” at the bottom of the webpage, merely defaced the website.

The security firm believes that a second hacker then came along, encrypted the website’s files, and added a ransomware screen and payment details.

“What has probably happened here is that a hacktivist has hacked the site for fun, then the criminal ransomware attacker has used their backdoor, which you can see at the bottom of the page, to try and make some money,” AlienVault security researcher Chris Doman told the BBC.

He said that it was likely that these hackers were amateurs, rather than nation state attackers.

“It’s certainly true that attacks against Ukraine have impersonated ransomware before , to cover their true aim of pure destruction, and in many cases, energy companies such as this have been a prime target,” said Mr Doman.

“However, in this case the evidence points to something more mundane.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: