Komal Joshi · Dec 1, 2020 . 6min read
Ragnar Locker uses Facebook Ads to compel Campari into paying ransom
Ragnar Locker targeted Campari and demanded a Bitcoin ransom of $15M, deploying Facebook ads to compel the victim for paying the ransom.
By Komal Joshi · Nov 13, 2020 . 6min read
The Ragnar Locker ransomware gang is in the limelight constantly for its ransomware attacks on various companies in recent months. Ragnar Locker has started advertising on social media to pressure one of its victims into paying the ransom. Ragnar Locker targeted Campari, an Italian liquor conglomerate, in a Ragnar Locker ransomware attack on Nov. 2. As Threat Post reported, the Ragnar Locker gang started their attack on the liquor company, which allowed them to steal about two terabytes (2TB) of sensitive data.
According to the reports, Campari confirmed the attack. The ransomware gang intimidated to publish the data to the public, except the company agrees to pay about $15 million in ransom through bitcoin. As per the report, they encrypted bank statements, financial data, documents, important emails, and contractual agreements belonging to Campari. The Ragnar Locker gang deployed Facebook Inc. accounts to operate ads to urge Campari openly into funding its demanded ransom.
Ragnar Locker spent $500 for the fraudulent campaign.
The Ragnar Locker gang states that the Facebook ad they have has adequate proof about the stolen sensitive data and its huge volume. It further states that it had stolen two terabytes of data and that Campari limited time to settle payment for a covenant not to publish the stolen data. Also, about 7,000 Facebook users saw the advertisement. Moreover, the attackers had hacked into a separate Facebook user account for managing the ads. The Facebook account utilized for the ad belonged to Hodson Event Entertainment. The company’s founder stated that the account had been hacked. Moreover, he says that the ransomware gang had planned $500 for the fraudulent campaign.
Notably, the company founder says that he believed he had two-factor authentication switched on for all of his accounts. However, he didn’t have it for his Facebook account. Additionally, a valuable lesson to be learnt is that every online user can be a victim to hazardous and misleading financial charges.
Apart from targeting Campari, the Ragnar Locker ransomware gang also recently targeted Japan’s gaming giant Capcom. Moreover, the attack allowed unknown hackers to obtain access to its file servers and internal emails. The ransomware attack affected 2,000 computers over Capcom’s network, thus resulting in the theft of one terabyte of data.
Follow Cryptodose for more updates.