A US-based company is being blackmailed by a group of hackers who demanded $6 million. The confidential information posted about it on the internet has been secured via an emergency Irish High Court injunction.
The Southwire Company LLC on Tuesday, December 31, 2019, has secured a temporary order against what are believed to be two Polish nationals and an Irish-registered company, allegedly involved in a website publishing confidential information about the US firm.
Court case on the cyber attack
The victim company did not mention any individual or corporate entity's name during the court hearing as the suspected criminals behind this cyber attack incident. Jim O'Callaghan SC, appearing with Anthony Thuillier Bl in High Court said that his client, which manufacture cable and wiring, is based in the US State of Georgia, has thousands of people working as employees.
It was revealed that cyberattackers targeted Southwire and encrypted files from many of its computer. But the investigators could not identify the hackers, who demanded a payment in the online Bitcoin currency equivalent to just over $6 million to decrypt the files. As of now no ransom payment was made.
The cyberattack incident is being investigated by the US Federal Bureau of Investigation (FBI). The hackers became impatient with the refusal to pay the ransom and posted confidential information contained in the company's files on a website called Mazenews.
After the incident, the US firm became extremely concerned about it and was seeking orders from the Irish High Court after its investigations revealed that the nine-digit IP address of the website is registered to a company, World Hosting Farm Limited (WHFL).
It should be noted that hackers behind the Maze Ransomware took the responsibility for the attack which affected the City of Pensacola in Florida and demanded a $10,00,000 ransom for a decryptor and later hackers published a victim list which included names of US companies.
While posting the attackers have recently made a list of their next victims and shared the names on the website. It says, "Represented here companies don't wish to cooperate with us and trying to hide our successful attack on their resources. Wait for their databases and private papers here. Follow the news!"