In the first week of November this year, Brazil Court System witnessed a downtime for unknown reasons. And when the law enforcement launched a probe, it was revealed that the disruption was caused by a ransomware attack that targeted the servers of Superior Court of Justice (STJ) on November 3rd, 2020.
STJ released a formal statement that it is suspending the digital access to its servers till November 10th, 2020 or until the systems are recovered. So, only the urgent cases will be taken up during the blockage to the digital service, and other matters like trial cases might get postponed until further notice.
Brazilian Army’s Cyber Defense Command has enlightened the media with some astonishing details yesterday, by categorizing the disruption a result of RansomExx malware invasion.
Later, STJ confirmed the incident as a malware attack where hackers somehow infiltrated the system, expand their access to multiple networks, and then induce the file encrypting malware as a final payload.
RansomExx is a malware that has come out live since June’2020 and has so far targeted some high-profile targets like Tyler Technologies, IPG Photonics, Konica Minolta, Texas Department of Transportation, Montreal’s Public Transportation and a gaming company from California being funded by Microsoft.
RansomExx also doesn’t stop its invading trend with Windows PCs, but is also found targeting servers running on Linux OS and demanding millions to free up the database from the malware.
Note- A ransomware is a kind of malware that encrypts data until a ransom is paid. But nowadays, some ransomware gangs like Maze & RYUK are first stealing a portion of data and then encrypting the database until a ransom is paid. And if in case the victim denies paying the ransom, the hacker makes money by selling the stolen data on the dark web.