Ransomware group says it took files from French Ministry of Justice

Written by
Jan 27, 2022 | CYBERSCOOP

A ransomware group claimed Thursday that it stole thousands of files from the French Ministry of Justice, threatening to post “all available data” if the ransom isn’t paid by Feb. 10.

The announcement appeared on the leak site of LockBit 2.0, a known ransomware-as-a-service operation that’s been active since at least September 2019, according to cybersecurity firm Emsisoft.

Neither the French Ministry of Justice or the country’s main cybersecurity agency responded to a CyberScoop request for comment about the situation. A ministry spokesperson told Politico that the agency was “aware of the alert and immediately took steps to carry out the necessary checks,” but did not elaborate.

The post viewed by CyberScoop on the leak site — where victim files are publicized either to pressure payments or punish victims if ransoms aren’t paid — indicates that the group may have 9,856 files, but nothing has been posted yet.

Brett Callow, a threat analyst at Emsisoft, said Thursday that the group may not end up posting any files, “as some of their past claims have been bogus.” For example, he said, there have been cases “where information stolen from organization A

Read More: https://www.cyberscoop.com/ransomware-group-claims-to-have-files-from-french-ministry-of-justice/