The well-known automated tool manufacturer Pilz is still recovering from ransomware attacks. Since October 13, all company servers, PC workstations, and communication systems worldwide have been affected by the ransomware attacks. To prevent the spread of infection, the company has blocked all access to the company’s network.
It is understood that the company’s production capacity has not been affected, but it is temporarily unable to process orders and check customer status. The ransomware, called BitPaymer, first appeared in 2017, and the main attack target is high-value business goals. The operator will first send a phishing email with the Dridex Trojan to the target and induce the victim to download the trojan. Once implanted, the Trojan will automatically load BitPaymer.
Currently, Pilz has reinstated the mail system, ordering system, and delivery system, but experts warned that the company must completely remove the Dridex Trojan, otherwise the Trojan will load BitPaymer again.