The ongoing activity of ransomware operators unmistakably indicates that they are constantly looking for new avenues to target. From going after brick-and-mortar stores to seizing the data of a conglomerate as big as Boeing, cryptovirological cybercriminals such as BitPaymer have troubled everyone in the digital world.
Last month, ransomware operators targeted the servers of the premium golf association PGA. Yes, even a game has not been spared by the shenanigans of cryptovirology. The association hasn’t disclosed every detail of the attack. However, it has been confirmed that it hasn’t paid the attackers any money for ransomware removal. On the other hand, it is not clear if its security team has succeeded in recovering the locked-down files.
According to some unsubstantiated reports, the ransomware infected the databases of PGA’s marketing division that contain important details regarding two upcoming golf championships to be held in the US and France. With the available details, security experts have tried to identify the cryptovirological strain used in the attack. The features of the ransom note suggest that BitPaymer has been used to infect PGA servers.
Even though the association hasn’t revealed the amount of money demanded by the attackers for ransomware removal, the track record of BitPaymer operators suggests that they must have asked for something above $100,000. The attackers wanted to receive the extortion amount in cryptocurrency, as a Bitcoin wallet address was also mentioned in the ransom note.
BitPaymer operators are vying for big gains
BitPaymer ransomware is a relatively new strain. However, it has gained sizeable ground in a short window of time. In a single month, its operators have carried out two big attacks. Besides hitting the servers of PGA, BitPaymer operators have also targeted the network of Scottish hospitals and demanded nearly $250,000 in Bitcoin for ransomware removal. As of now, no mass distribution of BitPaymer has been detected.