Industry News

Hackers infect Malaysia’s largest media company with ransomware, then demand $6.45 million

Media Prima Berhad, Malaysia’s leading media company, has been hit with a ransomware attack followed by a whopping $6.45 million demand for the decryption keys.

Anonymous sources from within the company told The Edge Financial Daily that the attack unfolded over four days, and that ransomware operators demanded the company pay 1,000 bitcoins in ransom – the equivalent of RM27,042.26, or US$6.45 million.

“The whole Media Prima group’s computer systems have been breached and infected with ransomware over the last four days,” said the source. “The attackers demanded 1,000 bitcoins from Media Prima in the ransomware attack.”

Asked to comment via email, Media Prima would neither confirm nor deny the breach, saying: “Thank you for the questions. It is with regret [we have] to inform you that we decline to comment on the questions.”

Another source, however, indicated that the attack was not very serious at all, and that Media Prima declined paying the ransom.

“Our office email was affected, but we have migrated to G Suite. They (the attackers) demanded bitcoins, but we are not paying,” this source said.

It is unclear what ransomware family was used in the attack. It is also unclear whether the operators had direct access to physical systems (an inside job would not be out of the question), or if they used social engineering schemes to make their way into Media Prima’s infrastructure and deploy the attack.

It is worth noting that ransomware operators typically use social engineering to trick victims into granting internal access. Whichever the case, going by the sum requested by the operators, the attack was very likely targeted.

About the author

Filip TRUTA

Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware, and security, and has worked in various B2B and B2C marketing roles. He likes fishing (not phishing), basketball, and playing around in FL Studio.

2 Comments

Click here to post a comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

    • So bad for my country media broadcaster in this kind of attack. They should been prepared and take necessary action to avoid and minimize the impact in the future…