Asteelflash electronics suffers a hit by REvil ransomware attack

The news of the attack was not disclosed by Asteelflash. BleepingComputers detected samples of REvil Ransomeware which enabled the access of the Tor negotiation page. 

Some conversations were detected between REvil threat actors and Asteelflash in the Tor payment site. In this conversation, the actor shared a file to prove that data were stolen in the attack. The name of the file was ‘asteelflash_data_part1.7z’. The Meta data of the file indicated that the authors of the files were the employees of Asteelflash. 

Asteelflash did not respond to any query, so it cannot be confirmed whether the attack were successful in encrypting the files. Ransom gangs have been stealing files before locking the computer which helps them to extort the victims by promising them not to sell the information.


Leave a Reply