Ransomware attack on top Brazilian court encrypts files, backups

 

The ransomware attack was carried out by unknown operators who are now demanding a ransom for the decryption key.

The cyberinfrastructure of the Brazilian Superior Court of Justice (STJ) has suffered a massive ransomware attack. As a result, its services, including the official website, have been forced offline.

The ransomware attack took place between Monday and Tuesday this week, but its details were only revealed earlier today.

The ransomware operators claim that the entire STJ database has been encrypted and that any attempt to restore the files will be in vain.


Although it is unclear who is behind the attack, the hackers are demanding an unknown amount of ransom to decrypt the encrypted Court data. For now, STJ’s website is offline with the following notice:

Notice translated from Google Translate

Furthermore, the hackers have left a ransom note asking Court officials to contact the group through a ProtonMail-based email address: [email protected]

The ransom note states the following:

GM Superior Tribunal de Justica, Inspect this message attentively and contact someone from the IT dept. Your files are fully crypted. Correction of the names or content of affected items (*.stj888) may cause restoring fail.

You can send us any affected item (smaller than 900KB), and we would repair it. Affected files must not contain useful intelligence. The rest of data will be available behind PAY.

Reach us but if you represent the entire Superior Tribunal de Justica. If we will not respond to you in two days, send us your email address via direct message here.

A full preview of the ransom note is available below:

The ransom note left in the English language

On the other hand, according to the Brazilian crypto news site Livecoin, the attackers have also encrypted backups kept by the Superior Court of Justice’s IT department. This may force authorities to pay the ransom, since the backups can’t be restored without a decryption key.


Nevertheless, this was a large-scale attack, since the hackers also attempted to target the official websites of the Government of the Federal District (GDF) and the Ministry of Health (Ministério da Saúde).

However, at the time of publishing this article, the Federal District website was offline while the Health Ministry’s website was reachable. As for STJ, the website will remain offline till November 9th.

 
