Skip to content

Austrian state Carinthia suffers ransomware attack; hackers demand $5M

  • by
  • 2 min read

The BlackCat ransomware gang has attacked the Austrian Federal state of Carinthia. The gang, also called ALPHV, demanded $5 million to unlock around 3000 computers impacted by the attack. 

Carinthia’s email services and website are down at the time of writing. The attack happened Tuesday and since has disturbed administrative work. The attack has also impacted COVID-19 test processing and contact tracing through the region’s administrative offices. 

According to Euractiv, state spokesperson Gerd Kurath reported the ransom being set at $5 million and added that the state has no intention of meeting the hackers’ demands. 

The state plans to restore the impacted computers using backups. Kurath added that the first batch of recovered computers became available starting Friday. 

There’s also no evidence to suggest that the attackers stole any data from the state’s systems. This is supported by the fact that BlackCat’s data leak site didn’t have any data from Carinthia, indicating that the attack itself or negotiations aren’t complete yet. 

As for the gang itself, BlackCat is mainly comprised of DarkSide gang members responsible for the Colonial Pipeline ransomware attack last year. The FBI had issued a notice warning organisations that BlackCat had attacked over 60 organisations worldwide in April 2022. 

BlackCat is also one of the first ransomware groups to use RUST, pointed out by the FBI and security researchers at Cisco Talos and Palo Alto Networks’ Unit 42. RUST is a comparatively more secure programming language and is not commonly used in the cybersecurity space. 

According to the FBI’s report, the gang demands payment, usually in Bitcoin or Monero. They’ve been known to accept payments lower than the initial amount suggesting that negotiations might be a way out. 

In the News: 146 EdTech apps are harvesting student data for targeted advertising

Yadullah Abidi

Yadullah Abidi

Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.

>