Volkswagen Group infected by “Conti” ransomware

Ransomware operators keep appearing and now they seem to have compromised one of the most important companies in the world. Multiple sources and logical security experts report that Volkswagen Group became the latest victim of the recently detected Conti ransomware group.

According to reports, in addition to encrypting the automotive company’s systems, threat actors also managed to steal sensitive data, posting the compromised information on a hacking forum. The documents presented include more than 8 thousand invoices, reports from the company’s workshops, among other data.

La imagen tiene un atributo ALT vacío; su nombre de archivo es volkswagen27082020.jpg

Volkswagen’s annual reports support its position as one of the world’s leading automotive companies, with more than 10 million cars sold a year and earnings in excess of $280 billion USD a year, competing on a par with General Motors, Hyundai, Ford and Toyota.

Logical security experts mention that this incident could create multiple legal problems for the company, especially with regard to compliance with the European Union General Data Protection Regulation (GDPR), as many of the leaked documents contain confidential details of Volkswagen customers. Like many other industries, car manufacturing is going through some financial problems, so facing the fines currently set by the GDPR would be catastrophic for the company.

Regarding the perpetrators of the attack, the researchers mention that Conti is a group formed from Ryuk hackers, operating as a “ransomware as a service” (RaaS) platform. Logical security experts say that most of the hackers recruited by this group have extensive experience in the cybercrime world so many other high-profile companies could suffer similar attacks in the short and medium term.

The company has not issued any statements, although cybersecurity firm Cyble mentions that it has a source very close to the incident, in addition to some problems have already been detected in workshops and a local concessionaire based in Germany.

For security, Volkswagen vehicle owners are advised to ignore any suspicious-looking messages, as threat actors were able to access their personal data and could try to deploy phishing and bank fraud campaigns.