A French multinational corporation has been targeted by a ransomware group that couldn't help but play to national stereotypes, demanding to be paid in baguettes.
The gang said it wants $125,000 worth of the French bread, or it will leak from 40GB worth of stolen private data from Schneider Electric. A media report claims that the firm is really demanding crypto.
The ransomware group, calling itself Hellcat, is represented by a pseudonymous Twitter (aka X) user named Grep, who communicated the demands. Gerp claims the group infiltrated Schneider Electric to target "sensitive customer and operational information," which it will expose if the ransom is not paid.
The situation is still ongoing. Schneider Electric did not immediately return a request for comment.
Russian 'Evil Corp' Group Hit With Sanctions After $100 Million in Ransomware Thefts
International law enforcement efforts have intensified against Evil Corp, a Russia-based cybercrime syndicate allegedly responsible for widespread financial theft and ransomware attacks. The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC), the UK's Foreign, Commonwealth & Development Office (FCDO), and Australia's Department of Foreign Affairs and Trade (DFAT) jointly imposed sanctions on key members of the group last week. Simultaneously, the U.S. Department of Justice...
While the baguette-based demands are what is publicly shown, Cyberscoop reports the group is willing to accept crypto Monero in lieu of bread. Monero is a privacy-centric coin designed to make it very difficult to track transactions on-chain. It’s a popular pick for cybercriminals, though it has legitimate uses as well.
The baguette demand is a marketing tactic designed to help this newcomer stand out in the ransomware market, Picus Security researcher Huseyin Can Yuceel told Cyberscoop, potentially positioning it to sell its services more effectively down the line.
Schneider Electric confirmed that it “is investigating a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms, which is hosted within an isolated environment.” However, the firm said its “products and services remain unaffected.”
‘Elden Ring’ Parent Company Hit With Ransomware Attack
Kadokawa Corporation, the parent company of Elden Ring publisher FromSoftware, revealed on Thursday that it was the victim of a ransomware attack earlier this month. According to a Kadokawa press release shared by IGN, the attack took place on June 8 and targeted the companey’s servers in Japan. The focus of the attack, Kadokawa said, was services related to Niconico, a video-sharing application owned by Kadokawa. “Kadokawa is currently considering solutions and workarounds quickly on a company-...
This is the third breach of Schneider Electric in less than two years. Cactus ransomware infected the company's Sustainability Business division in February. In June 2023, the firm was hit by the CL0P ransomware crew as part of the MOVEit attacks, which affected thousands of organizations and millions of individuals.
In this recent instance, over 400,000 rows of user data are in the possession of the ransomware group, it claims. It ended the message by addressing "Olivier," presumably the new CEO, Olivier Blum.
The group noted that Schneider has annual revenues above $40 billion, but otherwise, it did not make any direct references as to why it targeted that business specifically. According to the company’s own figures, its revenue stood at €36 billion (US$38 billion) by the end of last year.
Edited by Sebastian Sinclair
