Category Archives: Mount Locker

New Mount Locker Ransomware Version Targeting TurboTax Files

A new version of the Mount Locker crypto-ransomware strain is specifically targeting victims’ TurboTax files. As reported by Bleeping Computer, Advanced Intel’s Vitali Kremez came across a new Mount Locker sample that specifically sought out files used by the TurboTax tax preparation software. In particular, Kremez observed the sample going after files bearing the  “.tax,” “.tax2009,” […]… Read More

The post New Mount Locker Ransomware Version Targeting TurboTax Files appeared first on The State of Security.

Biotech research firm Miltenyi Biotec hit by Mount Locker ransomware

Biotech research firm Miltenyi Biotec disclosed a ransomware attack that took place in October and affected its IT infrastructure worldwide.

Biotech research firm Miltenyi Biotec was hit with a ransomware attack that took place in October and affected its IT infrastructure worldwide.

The company announced that it has fully restored systems after the attack, anyway in some countries local employees are still facing problems with mail and telephone systems.

Miltenyi Biotec is a global biotechnology company headquartered in Cologne, Germany, that provides products and services that support scientists, clinical researchers, and physicians across basic research, translational research, and clinical applications. The company offers solutions covering techniques of sample preparation, cell separation, cell sorting, flow cytometry, cell culture, molecular analysis, clinical applications and small animal imaging. Miltenyi Biotec has more than 3,000 employees in 28 countries and more than 17,000 products.

Miltenyi Biotec is providing the above products, including SARS-CoV-2 antigens, to clinicians and researchers who are working on COVID-19 vaccines and treatments.

“During the last two weeks, there have been isolated cases where order processing was impaired by malware in parts of our global IT infrastructure. Rest assured, all necessary measures have now been taken to contain the issue and recover all affected systems. Based on our current knowledge, we have no indication that the malware has been inadvertently distributed to customers or partners.” reads the announcement published by Miltenyi Biotec.

“As of this time, our operational processes have been fully restored. Should you have experienced any delays with your orders, we ask you to be patient for just a little longer, and to get in contact with us in urgent cases. Please accept our apologies for any inconvenience this may have caused you.”

The company is not aware of data leak resulting from the malware infection. Customers should expect order delays caused by the incident that impacted their systems across the last two weeks.

Customers experiencing difficulties can contact the company using a list of contact numbers available here.  

Miltenyi Biotec did not disclose the family of malware that infected its systems, anyway, Bleeping Computer speculates the involvement of Mount Locker ransomware.

“Even though Miltenyi Biotec has not disclosed the nature of the malware that caused the operational downtime during the last two weeks, the Mount Locker ransomware gang has claimed the attack earlier this month.” reported Bleeping Computer.

On November 4, 2020, Mount Locker ransomware operators have leaked on their data leak site (‘Mount Locker News & Leaks’) 5% out of the 150 GB of data they have allegedly stolen from the company.

Mount Locker ransomware operators have been active since July 2020 and targeted multiple organizations demanding multi-million dollar ransoms.

To make pressure on the victims, Mount Locker operators also threaten them to contact the media, TV channels, and newspapers if the ransom is not paid.

Pierluigi Paganini

(SecurityAffairs – hacking, Mount Locker)

The post Biotech research firm Miltenyi Biotec hit by Mount Locker ransomware appeared first on Security Affairs.