The following is a machine translation of an article by Felipe Payão:
Lojas Renner allegedly had its system infected by ransomware this Thursday afternoon (19th). According to images posted on social networks, the company is already being extorted for the amount of US$ 1 billion to release the files, around R$ 5.4 billion at the current price of the currency.
Images shared to TecMundo reveal that the ransomware message only requires the money, making it clear that there is no interest in leaking possibly obtained data. Information about the case is also mixed, with indications that the ransomware in question would be Defray777 — same family as RansomEXX — and the ransom value would be around US$ 1 billion.
Read more on TecMundo.
$1 billion? Did something translate incorrectly? I wish they had shown the actual images to verify, but both Google and Yandex do translate the story as reporting a $1 Billion ransom.
Yes, its correct, 1 billion dollars. Im brazilian. 5.4 billions reais.
Thank you for confirming. I’d love to know what threat actors thought they could demand that amount.
Yes, the translation is correct.
First they asked for US$ 1billion but after hours of negotiation the accepted US$ 20 millions as reported in https://cointimes.com.br/renner-teria-pago-us20-milhoes-em-criptomoedas-apos-ataque-hacker/
(Text in portuguese).
The company lost US$ 73,2 million of valuation after that.
That news story you linked to says that company denies the claim that they paid $20 million ransom. But I’m not sure what they company is claiming — that they paid less than $20 million but did pay something, or are they denying paying anything at all?
I wish I had time to investigate everything.
The company didn’t confirmed the 20mi payment, but unofficial source confirmed the payment, said Coin Times.
Not the first ransomware attack to for big brazilian companies/gov.
In the second semester of 2020 the Superior Court and some state courts were attacked, last june the north american operation of the giant meat industry JBS was attacked, five and two day ago days ago the targets were the brazilian National Treasure and the Brazilian Central Bank, yesterday Lojas Renner.
O don’t remember any news reporting publicly wich were the criminal groups responsible for the ransomware.