The Court of Justice of the State of Rio Grande do Sul in Brazil received a REvil ransomware attack yesterday that encrypted employee files and forced the courts to shut down their network.
Tribunal de Justiça do Estado do Rio Grande do Sul (TJRS) is the judicial system of the Brazilian state of Rio Grande do Sul.
The attack began yesterday morning when employees suddenly discovered that all their documents and images were no longer accessible and that ransom notes had appeared on their Windows desktops.
Shortly after the attack began, the official TJRS Twitter account warned employees not to log into TJ network systems locally or via remote access.
“The TJRS reports that it faces instability in computer systems. The systems security team advises internal users not to access computers remotely, nor to log into computers within TJ’s network,” he added. tweeted the TJRS judicial system.
REvil ransomware responsible for the cyber attack
A Brazilian security researcher known as Brute Bee shared a screenshot with Bleeping Computer of the employees sharing the ransom notes and discussing the attack with each other.
These ransom notes are for the REvil ransomware operation, which BleepingComputer has independently confirmed was responsible for the attack.
Bleeping Computer was told that the REVil ransomware operation required a $ 5,000,000 ransom to decrypt files and not leak data.
In a translated audio recording shared with BleepingComputer, one person described the attack as “horrible” and “the worst thing that happened there”, and IT staff suffered a “hysterical stress attack” as they rushed to restore thousands of devices. .
This cyber attack is not the first ransomware attack in the Brazilian judicial systems.
Last November, Brazil’s Superior Court of Justice was attacked by the RansomEXX ransomware gang that began encrypting devices in the middle of video conference court sessions.
At the same time, the websites of other Brazilian federal government agencies were offline, but it was not clear whether they were shut down for security or under attack.
This is a developing story …
Brute Bee H / T