Hackers demanded about US$5 million in bitcoin from Petroleos Mexicanos (Pemex), they told reporters on Tuesday, saying the state oil company missed a special discount by not paying immediately after a cyberattack that fouled up the firm’s systems.
The hack, which Pemex said it detected on Sunday, forced the company to shut down computers across Mexico, freezing systems such as payments, according to five employees and internal e-mails.
Hackers have increasingly targeted companies with malicious programs that can cripple systems overseeing everything from supply chains to manufacturing, removing them only after receiving substantial payments.
A ransom note that appeared on Pemex computers seen by reporters pointed to a darknet Web site affiliated with “Doppel
Paymer,” a type of ransomware.
The Web site demanded 565 bitcoins, or nearly US$5 million at current prices, and threatened Pemex with a 48-hour deadline, listing an e-mail address to contact.
When Reuters wrote to the e-mail for details, the apparent hackers replied that Pemex had missed a deadline for a “special price,” an apparent reference to the discounts sometimes offered to ransomware victims for early payment.
However, they said Pemex still had time to meet their bitcoin demand and would not comment further while the new deadline was pending.
Pemex did not immediately respond to a request for comment about the ransom demand.
The attack is the latest challenge for Pemex, which is battling to pay down heavy debts, reverse years of falling oil production and avoid downgrades to its credit ratings.
Pemex said its storage and distribution facilities were operating normally and that the attack had affected less than 5 percent of its computers.
“Let’s avoid rumors and disinformation,” it said in a statement.
A person who works in Pemex’s production and exploration said that division was not affected.
There was some confusion about which form of ransomware was used in the attack.
One Pemex official said in an internal e-mail the company was targeted by “Ryuk,” a strain of ransomware that experts say typically targets companies with annual revenue between US$500 million and US$1 billion — far below Pemex’s levels.
DoppelPaymer is a relatively new breed of ransomware that cybersecurity firm CrowdStrike said was behind recent attacks on Chile’s Ministry of Agriculture and the town of Edcouch, Texas.
On Tuesday, Pemex was reconnecting unaffected computers to its network using software patches and wiping infected computers clean, said one source, who spoke on condition of anonymity.
It had to communicate with employees via mobile messaging service WhatsApp, because employees could not open their e-mails, said another source, who was also not authorized to speak to reporters.
“In finances, all the computers are off, there could eventually be problems with payments,” the person said.
Stephen Garrett, a 27-year-old graduate student, always thought he would study in China, but first the country’s restrictive COVID-19 policies made it nearly impossible and now he has other concerns. The cost is one deterrent, but Garrett is more worried about restrictions on academic freedom and the personal risk of being stranded in China. He is not alone. Only about 700 American students are studying at Chinese universities, down from a peak of nearly 25,000 a decade ago, while there are nearly 300,000 Chinese students at US schools. Some young Americans are discouraged from investing their time in China by what they see
MAJOR DROP: CEO Tim Cook, who is visiting Hanoi, pledged the firm was committed to Vietnam after its smartphone shipments declined 9.6% annually in the first quarter Apple Inc yesterday said it would increase spending on suppliers in Vietnam, a key production hub, as CEO Tim Cook arrived in the country for a two-day visit. The iPhone maker announced the news in a statement on its Web site, but gave no details of how much it would spend or where the money would go. Cook is expected to meet programmers, content creators and students during his visit, online newspaper VnExpress reported. The visit comes as US President Joe Biden’s administration seeks to ramp up Vietnam’s role in the global tech supply chain to reduce the US’ dependence on China. Images on
New apartments in Taiwan’s major cities are getting smaller, while old apartments are increasingly occupied by older people, many of whom live alone, government data showed. The phenomenon has to do with sharpening unaffordable property prices and an aging population, property brokers said. Apartments with one bedroom that are two years old or older have gained a noticeable presence in the nation’s six special municipalities as well as Hsinchu county and city in the past five years, Evertrust Rehouse Co (永慶房產集團) found, citing data from the government’s real-price transaction platform. In Taipei, apartments with one bedroom accounted for 19 percent of deals last
US CONSCULTANT: The US Department of Commerce’s Ursula Burns is a rarely seen US government consultant to be put forward to sit on the board, nominated as an independent director Taiwan Semiconductor Manufacturing Co (TSMC, 台積電), the world’s largest contract chipmaker, yesterday nominated 10 candidates for its new board of directors, including Ursula Burns from the US Department of Commerce. It is rare that TSMC has nominated a US government consultant to sit on its board. Burns was nominated as one of seven independent directors. She is vice chair of the department’s Advisory Council on Supply Chain Competitiveness. Burns is to stand for election at TSMC’s annual shareholders’ meeting on June 4 along with the rest of the candidates. TSMC chairman Mark Liu (劉德音) was not on the list after in December last