Pemex, a Mexican state-owned petroleum company has been a victim of a ransomware attack. The attackers demanded around US$5 million ransom according to Reuters.
The hack was detected on November 10, 2019, and shut down Pemex’s computers across Mexico.
The Pemex officials said that the hackers used the “Ryuk” ransomware. But according to Reuters, which saw a ransom note that appeared on Pemex computers, it’s affiliated with the “DoppelPaymer” ransomware. Galileo has confirmed that both Ryuk and DoppelPaymer are prevalent and impacting users in Denver, we’ve had direct experience with the former.