Ransomware attack on Maastricht University of Netherlands

The Maastricht University of Netherlands is reported to have become a victim of a ransomware attack on Tuesday this week and officials have pulled down all IT systems offline to contain the damage due to the cyber incident.

The file-encrypting based malware cyberattack was acknowledged on the website and the authorities from the educational institute have assured that the scientific data was unaffected by the ransomware. But have also confirmed on the same note that restoration of data might take several days.

Gert Van Doorn the spokesperson of the University confirmed the incident and said that the attack disrupted the email systems very badly.

An official statement released by the educational institute released a few hours ago has confirmed that the ransomware attack took place on DHCP servers, exchange servers, domain controllers and network drives deteriorating the service responders even further.

Cybersecurity Insiders has learned that Clop Ransomware which was discovered in Feb’19 was the culprit behind the disruption and is somehow related to CryptoMix Ransomware.

Technically speaking, the developers of Clop Ransomware have devised it in such a way that it encrypts a complete computer network instead of on individual workstations. And as soon as the malware infiltrates the network, it quickly locks down the files from access with a “.clop extension”. And a pop message detailing an email address and the instructions related to payment are then made available on the unencrypted document.

Clop Ransomware is having a history of infecting only Microsoft Windows systems by surpassing the windows defender and shuts down important processes like Microsoft Office before blocking data recovery attempts.

And another important note is that there is no decryptor available for the victims of Clop.

Ad
Join over 500,000 cybersecurity professionals in our LinkedIn group "Information Security Community"!
Naveen Goud
Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display