Rex Mundi threatens to leak customer data and attack websites

Apr 25, 2014 13:01 GMT

Rex Mundi, a hacker group that’s known for breaching the systems of various companies in an effort to blackmail them, is back. A few hours ago, they announced that they had hacked Belgian hosting company AlfaNet.

According to the hackers, AlfaNet provides hosting services for 13,000 websites. The cybercriminals threaten to leak data and attack some of the websites if the company doesn’t pay up.

“We have hacked their database and we have stolen all of their customer data. Alfanet has two more days to pay us 15,000 Euros. Unfortunately, so far, they did not reply to our emails. We hope that they will decide to protect their customers before the deadline expires on Friday evening,” the hackers said.

“If no money is received on Friday evening, we will post their entire database and we will directly attack some of their customers,” they added.

To prove their point, they’ve leaked some customer data samples and some database information.

We’ve reached out to AlfaNet to see what they plan on doing. So far, they haven’t responded to our inquiry, but we’ve received confirmation that they got our email.

It’s worth noting that Rex Mundi is usually not bluffing. They’ve leaked data stolen from the systems of numerous companies that have refused to give in to their demands. The list of targeted companies includes Numericable, Habeas, Websolutions.it, Buy Way and Hoststar. Many of their targets are Belgium-based organizations.

It remains to be seen if AlfaNet pays up, but the most likely scenario is that they will not give in to extortion.

Experts advise companies that find themselves in this situation not to pay up until the breach has been properly investigated. Security expert and malware researcher Bart Blaze believes that the best thing they can do is contact authorities – police and even the local CERT.

According to the expert, in most cases, cybercriminals will sell the stolen data regardless of whether the company pays up or not.

As for damage control, Blaze recommends that logs be checked for any clues that might help in identifying the attackers. Another important step is notifying customers, and being as transparent as possible in the process.

It remains to be seen how AlfaNet acts. As Blaze highlights, it’s uncertain what messages have been exchanged directly between the company and the attackers.

On the other hand, it’s unlikely that a company that’s publicly blackmailed will admit paying up, even if they do decide to go down that path.