Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.Here's an overview of our use of cookies, similar technologies and how to manage them.
It was possible to dig out the ransom note that's dropped during successful attacks from the ransomware payload. That note revealed the group behind the intrusion was the Reichsadler Cybercrime Group – an unheard-of gang whose name is taken from the eagle found on coats of arms in Germany, including those adopted by the Nazi regime.
The location of Reichsadler Cybercrime Group's operation isn't known, though the ransom note set the payment deadline time to Moscow Standard Time. This could suggest a Russian operation or one in another country attempting to disguise their true location.Sophos said it was able to stop the download of the ransomware payload after the attack triggered a rule designed to prevent a known intrusion tactic .