$4.5 ransom demands from hackers Equinix to prevent the customers’ data being released public
Equinix has been hit by Netwalker ransomware attack, resulting in Equinix’s users’ data encryption. The encrypted data include financial information, payroll, accounting audits and data reports. Most of these data belong to the customers at Australia.
BC security researchers’ shared ransom note states, this data center and collocation Provider Company has been asked for $4.5 million as a ransom to purchase the decrpytor and prevent the data being stolen. The ransom also states that if the price would increase to its double if the payment is not done on provided time.
This attack does not affect the support for the customers, Equinix says after the incident in an official released statement. The statement confirms, the Equinix’s data centers and their serving offerings, including managed services, remain fully operational.
“Note that as most customers operate their own equipment within Equinix data centers, this incident has had no impact on their operations or the data on their equipment at Equinix.”
According to security researcher Vitali kremez, Equinix owns at least 74% remote destop servers and associated login credentials are currently being auctioned on dark web. Of these, most are concentrated in Australia, Turkey and Brazil.
Netwalker ransomware is most likely a variant of Malito Ransomware. The .malito extension plus email address belongs to the crooks to each encrypted file, making them inaccessible or of no use. Then, ransom note is dropped to provide instruction to the users that they can allegedly get the files back by paying a ransom fee. The text message within this file is vary from version to version and mostly depends on who is the target.