The REvil Ransomware Brigade stole more than 800 GB of data from ADIF, the Country Director of Railways Infrastructure in Spain, after a successful attack on their systems.
According to El Español, the authors of the cyberattack belong to a well-known group of ransomware after they posted on the official REVil website on July 22 a message on the official website of the market, which announced the addition of another victim.
Cybercriminals claimed that they stole more than 800 GB of data from ADIF servers, although it was not confirmed how they could breach the security of the Infrastructure Director in Madrid in Madrid.
REvil does not disclose basic information about the type of data they stole, but a screenshot posted by the gang in a blog post shows some files that may contain personal information, letters, contracts, and ADIF account information.
The security vulnerability could not be updated
The report says that the ransom gang claimed that it could continue to download data from ADIF IT systems, and it is assumed that the attack continues due to a vulnerability that has not been updated yet unless they pay the required ransom price, which is unknown from press time.
However, a Spanish government company commented on the attack:
“In the shortest time possible, the infrastructure has been touched, always ensuring that all services are working properly. ADV, realizing that it is a pioneer in critical infrastructure such as the use of the rail network, cybersecurity is a pillar of comprehensive security.”
REvil recently launched another series of attacks against three companies in the United States and Canada. They leaked data from two companies and threatened to disclose confidential data from a third company.
On June 12, Cointelegraph also reported that the gang had leaked classified documents stolen from an American robotics company. According to the official REvil Blog post on June 11, the team started transmitting Symbotic LLC's categorized data.