Industry News

Hackers infect Malaysia’s largest media company with ransomware, then demand $6.45 million

Media Prima Berhad, Malaysia’s leading media company, has been hit with a ransomware attack followed by a whopping $6.45 million demand for the decryption keys.

Anonymous sources from within the company told The Edge Financial Daily that the attack unfolded over four days, and that ransomware operators demanded the company pay 1,000 bitcoins in ransom – the equivalent of RM27,042.26, or US$6.45 million.

“The whole Media Prima group’s computer systems have been breached and infected with ransomware over the last four days,” said the source. “The attackers demanded 1,000 bitcoins from Media Prima in the ransomware attack.”

Asked to comment via email, Media Prima would neither confirm nor deny the breach, saying: “Thank you for the questions. It is with regret [we have] to inform you that we decline to comment on the questions.”

Another source, however, indicated that the attack was not very serious at all, and that Media Prima declined paying the ransom.

“Our office email was affected, but we have migrated to G Suite. They (the attackers) demanded bitcoins, but we are not paying,” this source said.

It is unclear what ransomware family was used in the attack. It is also unclear whether the operators had direct access to physical systems (an inside job would not be out of the question), or if they used social engineering schemes to make their way into Media Prima’s infrastructure and deploy the attack.

It is worth noting that ransomware operators typically use social engineering to trick victims into granting internal access. Whichever the case, going by the sum requested by the operators, the attack was very likely targeted.

About the author


Filip is an experienced writer with over a decade of practice in the technology realm. He has covered a wide range of topics in such industries as gaming, software, hardware and cyber-security, and has worked in various B2B and B2C marketing roles. Filip currently serves as Information Security Analyst with Bitdefender.


Click here to post a comment
  • Either case, one thing remains clear: both businesses and users must take this issue more seriously in the future. Cannot believe that being anno 2018 those situations still happen this way, compromising the whole network of an enterprise.

    • So bad for my country media broadcaster in this kind of attack. They should been prepared and take necessary action to avoid and minimize the impact in the future…