While paying ransom to cybercriminals is never encouraged, victims continue to do that seemingly to save face. Reportedly, the chemical distribution firm Brentagg silently did so regarding a ransomware attack as it paid millions to the attackers. DarkSide gang seems responsible for this attack too.
Brentagg Suffered Ransomware Attack
The German chemical distribution giant Brentagg has quietly managed a ransomware attack incident. Brentagg is one of the oldest firms presently serving over 77 countries globally with more than 17,000 employees.
According to Bleeping Computer, Brentagg faced the cyberattack at their North American division earlier this month. As sources revealed, the attackers managed to steal data from the company’s network before encrypting the devices.
While the company hasn’t openly admitted the incident yet. They did confirm having suffered a ‘cyberattack’ in their statement to Bleeping Computer. As quoted,
Brenntag North America is currently working to resolve a limited information security incident.”
The firm also assured to have contained the attack and involved the relevant authorities for investigations.
As soon as we learned of this incident, we disconnected affected systems from the network to contain the threat.
In addition, third-party cybersecurity and forensic experts were immediately engaged to help investigate. We also informed law enforcement of this incident.
DarkSide Involvement Suspected
Although, Bentagg hasn’t shared any details about the security incident yet.
Sources revealed that the company fell prey to the DarkSide ransomware gang – the same that targeted Colonial Pipeline.
Reportedly, the attackers claimed to have stolen over 150GB of data from the firm. The data include sensitive details relating to finance, accounting, NDA, contracts, projects, legal, marketing, HR, chemical formulas, and more.
The attackers shared these details in a private post on the dark web. They had demanded 133.65 BTC as a ransom (~ $7.5 million at that time). Whereas, they threatened to leak the stolen data publicly if the company would fail to contact them.
However, Brentagg did communicate with them and managed to get a reduction in the ransom amount. Eventually, they ended up paying $4.4 million on May 11, 2021.
It seems DarkSide made this money around the same time they attracted attention due to the Colonial Pipeline incident.