Alabama, a southern U.S state after being targeted by DoppelPaymer ransomware group, has given in to paying 30 BTC as a ransom to ensure its private citizen’s data are not leaked.
The DoppelPaymer ransomware group attacked the information Technology system of the state a month ago. The attack came amidst warning that hackers could penetrate the country’s infrastructure.
Reportedly, Alabama authorities want to pay the ransom, which is around $300,000 as they fear that if they don’t make the payment, citizens’ private data might hit the internet. The ransom is to be paid in Bitcoin.
DoppelPaymer ransomware group responsible for the hack
Alabama City was first warned about the imminent hack and how citizens were affected by the Hold security, a cybersecurity firm based in Wisconsin. The hack, however, was confirmed by the Florence Mayor Steve Holt, saying that Alabama’s email has been hacked.
The mayor never confirmed that the hack was a ransomware attack, he later acknowledged that it was through KrebsOnSecurity report that DoppelPaymer ransomware group was behind the attack on June 9.
Holt, however, acknowledged that the ransomware group demanded 39 BTC initially but thanks to cybersecurity firms, the ransom was reduced to 30 BTC. There is a condition, however, that if the ransom is not paid in full, the hackers will let loose the data online.
A threat analyst at malware Lab Emisisoft, Brett Callow, reacted to the hack, saying that the entire network has to be rebuilt to ensure that similar incidents won’t lead to a ransomware event where data becomes encrypted and exfiltrated.
City hack, not a new trend, Callow
The analyst said that hackers target cities now and have other victims, including the City of Torrance, Visser Precision, and Kimchuk.
The group that hacked Alabama are known already and are one of those group that targets government and private firms seeking ransom in return.