AU: Avaddon threat attackers demand ransom from NSW Labor
NSW Labor is Australia’s Labor Party (New South Wales Branch). Now Avaddon threat actors claim that they have hacked them and stolen data.
NSW Labor, the company does not want to cooperate with us, so we give them 240 hours to communicate and cooperate with us. If this does not happen before the time counter expires, we will leak valuable company documents.
As they have done with other victims, the threat actors, who are presumed to be Russian, posted a number of files as proof of their claims. Some of the posted files contained personally identifiable information.
The “DDOS” icon on their listing indicates that in addition to having encrypted files and exfiltrated copies of files, they may also use a “Distributed Denial of Service” attack — which basically means hammering the site with traffic until it crashes or becomes unusable. At the time of this publication, however, the site appeared to be online and working, so the DDOS is likely just a threat of things to come.
Tom Rabe and Anthony Galloway report:
A NSW Labor spokesman said the matter was of “serious concern”.
“We have referred the matter to police and we are conducting a full investigation,” the spokesman said.
NSW Police confirmed on Wednesday afternoon it had been alerted to a ransomware attack on the party. Sydney City Police Area Command has commenced inquiries.
The Australian Federal Police are not investigating, it seems.
Read more on SMH.
Reporting by @Chum1ng0. Additional material by Dissent.