% RansomExx ransomware attacks judiciary in Brazil, court data encrypted

Brazil’s Superior Court of Justice (STJ) was a victim of a ransomware attack on Tuesday, November 3. The attack occurred during its online sessions, leaving the court in disarray, and all court processes had to be suspended. Two days later, the Brazilian Federal Police opened an investigation into the matter. 

According to local reports, the malware could have infiltrated the court’s systems via a Domain Admin account. The malware then proceeded to encrypt virtual machines in the system, after gaining access to admin groups of the virtual environment.

The court’s  IT specialists confirmed that all online systems were taken down. For cybersecurity safety, all personnel were asked to operate away from the servers that had been affected. But, all online processes of the STJ  processes will be on November 10.

“The Secretariat for Information and Communication Technology (STI) is working on systems recovery to restore all court services as quickly as possible,” said STJ President Humberto Martins on the court’s official website.

Although the entire online activities and platforms were shut down by the malware attack, the court managed to encrypt all case databases and backups beforehand. 

 

Following this cyber threat, all other judicial systems are adding layers to their online security systems. 

The affected organization has not reported the identity of the ransomware behind the attack. However, BleepingComputer published that RansomExx was the perpetrator. Reportedly, they recovered a ransom note from an affected system. The note asked the “affected company” to send a file for decryption, to prove the legitimacy of the cyberattack. 

This is the same ransomware group behind the recent attacks on tech giant Konica Minolta and laser manufacturer IPG Photonics. It is noteworthy that  RansomExx is a mutation of the Defray777 ransomware group, and was proactive in June this year. 

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Donald Trump fires cybersecurity chief Chris Krebs after he debunked voter fraud theories

Late Tuesday evening, President Donald Trump fired the chief of the CISA…

New Crypto regulations in Malaysia come into effect

The Malaysian Securities Commission (SC) announced that newly amended regulations on cryptocurrency…

71% increase in ransomware attacks in healthcare sector in October 2020

Following the joint advisory issued by three federal agencies, CheckPoint Security published…