Hackers Demand $7.7 Million in Bitcoin From Electricity Company

In brief

  • Hackers have compromised the billing systems of Pakistan’s biggest electricity producer.
  • They demanded $3.8 million in ransom, which increases to $7.7 million if not paid soon.
  • Enterprise ransomware attacks have cost firms over $25 million this year.

K-Electric, the biggest power producer in Pakistan and the sole provider in the city of Karachi, suffered a ransomware attack this week with hackers demanding over $7 million in Bitcoin to restore its services, according to cybersecurity site Bleeping Computer.

The firm services over 2.5 million customers in the country and faced a disruption in billing and online payment services after the attack. The attack was discovered by K-Electric engineers on September 7, but the supply of electricity in the city was not affected.

As per the report, hackers utilized a “NetWalker” attack to compromise the company—a virus strain discovered in 2019 that infects popular software applications running on Microsoft Windows, such as Office, Word, and Excel. Once deployed, NetWalker encrypts data on victim computers and disables file access until a ransom is paid out.

Hackers followed the same steps with K-Electric. After infecting the electricity firm, they demanded a $3.8 million ransom to be paid in Bitcoin through the anonymous browser Tor. 

The hackers added in a message to the company, “If there is no payment made by September 15, the price increases by two times and will be $7.7 million.”

The same message noted the hackers operator stole unencrypted files from K-Electric before performing the attack. However, it did not reveal the exact type of data they stole or the total amount of files stolen.

“The KE teams have initiated consultation with international information security experts and are also collaborating with local authorities in this regard,” K-Electric told Decrypt, in a statement.

The attack comes in quick succession after Argentinean border forces suffered from the same NetWalker virus earlier this week. Hackers demanded $4 million in that instance, but the Argentinean authorities refused to pay.

Enterprise ransomware like NetWalker—which targets companies instead of individuals—is a growing threat in the world, accounting for over $25 million in ransom earnings for hackers as per the report.

And it’s something blockchain can’t just fix.