Skip to content

Ransomware attack kidnaps Austrian city

May 31, 2020

NetWalker, a malware team, launched a ransomware attack on the Austrian village of Weiz. This attack affected the public service system and resulted in the loss of some of the stolen data from the building’s applications and inspections.

According to the cyber security company Panda Security, Hackers managed to penetrate the village’s public network through phishing emails related to the COVID-19 crisis.

COVID-19 as bait for the delivery of ransomware

The subject of the email – “Corona Virus Information” – was used to trick Weiz public infrastructure employees into clicking malicious links that caused the ransomware.

Ransomware attack kidnaps Austrian cityRansomware attack kidnaps Austrian city

Panda Security claims that the attack belongs to a relatively new version of a ransomware family that is spread using VBScripts. If the infection is successful, it spreads across the entire Windows network that the infected computer is connected to.

The report describes this Ransomware shuts down Windows processes and services, encrypts files on all available hard drives, and deletes backups.

Location of several large companies in Austria

Weiz is a small town that is considered the economic center of Eastern Styria and is only a few kilometers away from the city of Graz.

Several large companies such as the car manufacturer Magna and the designers Strobl Construction and Lieb-Bau-Weiz have also set up their production facilities here. This may indicate that the attack was not accidental, but was aimed at a specific target.

The Netwalker Group has recently launched several attacks against the healthcare sector worldwide.

Cointelegraph in Spanish reported an attack on March 25 against hospitals in Spain. This attack also used phishing emails to deploy ransomware on certain systems.