CyberNews Briefs

Mexican Oil Company Pemex Hit by Ransomware

Parts of the Petróleos Mexicanos (Pemex) oil company network were taken down after a ransomware attack on Sunday. Although the attack was quickly neutralized and affected few computers within the network, the attackers reportedly demanded a ransom of 565 BTC ($4.9 million), claiming they had gathered classified and sensitive data from the network. Investigation into the attack revealed that DoppelPaymer ransomware was used.

DoppelPaymer is a version of BitPaymer, ransomware that initiates an attack by dropping an infection chain that later installs Emotet and Dridex. BitPaymer was developed by the ransomware developer group TA505, and it is likely that former members of TA505 were responsible for the Pemex attack. Sources claim that Pemex did not reach out to the attackers to negotiate payment.



OODA Analyst


OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.