A malicious computer cryptovirus is known to have hit Matanuska-Susitna (Mat-Su) Borough, part of the Anchorage Metropolitan Area in Alaska, on July 24th 2018. The discovery of the ransomware attack led the Borough's IT staff to shut down the largely affected government networks and IT systems. Servers were the first to lose connectivity, followed by phones, email, and Internet access.
The security team is steadily working to clean the compromised systems and to restore email, phones and Internet connectivity.
Analysis of the attack's modus operandi revealed that the virus exhibited a “Multi-pronged, Multi-vectored attack” trait, combining aspects of several kinds of malware, including a dead man’s switch, Cryptolocker, a time bomb and a Trojan horse.
The malware was identified as BitPaymer ransomware, which was first spotted in July last year. The authors of this ransomware are suspected to be linked to the same criminal group that runs the infamous Dridex banking Trojan.
The “Trojan” aspect of the BitPaymer ransomware was first detected by anti-virus scans on July 17th 2018 on Windows 7 machines. The other traits of this multi-pronged virus, however, were completely missed by anti-virus software scans.
The results were devastating: 500 Mat-Su desktop workstations and 120 of 150 Mat-Su servers were hit by the encryption. As a result, the Mat-Su network was taken offline, the FBI was notified, and a network rebuilding operation was initiated. Some data has been successfully recovered from backups. It is not known whether the attackers' demands were met in order to restore the infected systems.
Still, there is no evidence of the attackers leaking the stolen data.
Deprived of computers and files at the time of the devastation, Borough employees acted resourcefully. Their use of an age-old technology, the typewriter, was commendable. Lists of library book patrons, receipts and landfill fees were all prepared using typewriters.
Mat-Su Borough was victim number 210.
Research revealed that the city of Valdez in Alaska experienced a similar attack. The traits of the attack resemble a BitPaymer infection. The news came to light on July 28th 2018, when Valdez city officials confirmed the attack in an official Facebook statement.