Johnson Controls Hit With "Massive" Ransomware Attack and Data Exfiltration


Level 29
Thread author
Top Poster
Sep 13, 2018
Yesterday, a source told BleepingComputer that Johnson Controls suffered a ransomware attack after initially being breached at its Asia offices.
BleepingComputer has since learned that the company suffered a cyberattack over the weekend that caused the company to shut down portions of its IT systems.
Since then, many of its subsidiaries, including York, Simplex, and Ruskin, have begun to display technical outage messages on website login pages and customer portals.
BleepingComputer has been told that the ransom note links to a negotiation chat where the ransomware gang demands $51 million to provide a decryptor and to delete stolen data.
The threat actors also claim to have stolen over 27 TB of corporate data and encrypted the company's VMWare ESXi virtual machines during the attack.

Is this a new ransomware group or a rebranded one? Here an X source claims not to know who's behind this.

darkangels ransom.PNG

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.