TAG cybersecurity experts: The breadth of targets in those campaigns stands in contrast to many government-backed operations.
Whirlpool confirms Nefilim ransomware attack. The threat actor: The company has been hit two times, due to the stop of the negotiations and poor cybersecurity. 2GB of data leaks published in double extortion scheme
Whirlpool has been hit by Nefilim cybercrime group, maybe two times. The company, as Bleeping Computer reports, confirmed the attack and that its systems have been fully restored. Before, the threat actor published a note on its data leak website, explaining that the lask leak “comes after long negotiations and unwillingness of the executives of Whirlpool corporation to uphold the interests ot their stakeholders”. Furthermore, the malicious hackers added that the company cybersecurity “is very fragile, which allowed us to breach their network for the second time after they stopped the negotiations”. Under the double extortion scheme, Nefilim published also a bunch os stolen data, divided in two files. The first one, “Whirlpool_filelist.txt”, is damaged and can’t be opened. The second, “leak_part1.7z”, contains 2 GB of different kind of informations. These include documents related to employee benefits, accommodation requests, medical information requests, background checks, and more.