Schneider Electric Confirms Ransom Hack — Hellcat Demands French Bread as ‘Joke’
$125,000 ransom seems small—but why do the scrotes want it paid in baguettes?
French manufacturing firm Schneider Electric (EPA:SU) was attacked last week. The Hellcat gang—formerly International Contract Agency—claimed it stole the data of 400,000 customers and employees.
Known as “Grep” or “Greppy,” the hacker’s searching for baguettes in payment. In today’s SB Blogwatch, we want fries with that.
Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: U2 vs. Guns N’ Roses.
That’s a Lot of Pain
What’s the craic? Lawrence Abrams broke the story: Schneider Electric confirms dev platform breach after hacker steals data
“$125,000 in ‘Baguettes’”
Schneider Electric has confirmed a developer platform was breached after a threat actor claimed to steal 40GB of data from the company’s JIRA server. … Schneider Electric is a French multinational company that manufactures … products ranging from household electrical[s] … to enterprise-level industrial control and building automation.
…
Over the weekend, a threat actor known as “Grep” taunted the company on X, indicating they had breached its systems. [They] say they rebranded as the Hellcat ransomware gang and are currently in the process of testing an encryptor to be used in extortion attacks. … They claimed to use a MiniOrange REST API to scrape 400k rows of user data, which Grep says includes 75,000 unique email addresses and full names for Schneider Electric employees and customers.
…
The threat actor jokingly demands $125,000 in “Baguettes” not to leak the data. … Earlier this year, Schneider Electric … was breached in a Cactus ransomware attack, where the threat actors claimed to have stolen terabytes of data.
Zut alors! Sead Fadilpašić said: Schneider Electric says developer platform was breached, company data stolen
“Let’s see”
Schneider Electric has confirmed suffering its second cyberattack and data leak in recent months. … Obviously, the attacker doesn’t want hundreds of thousands of baguettes — it’s a joke, since Schneider Electric is … French.
…
Instead, they just want the victim company to acknowledge the breach within 48 hours. Since the company did just that, let’s see if Greppy keeps their word.
Weak jokes R us. Mark Tyson tries harder: Hackers demand France’s Schneider Electric pay
Hand over the dough or your 40GB of secret data is toast. … The boulangerie product demands were published on the dark web.
All of which makes Jamie Jones jest, joyfully:
Maybe the crims want a slice of that action? However, they need to be careful not to leave any breadcrumbs for the police to follow, whilst hoping that the trail goes stale.
…
I’ll get my coat. No knead to rise to the bait.
Joking aside, TheRealMindChild isn’t impressed much:
This is a script kiddy that has no intention of actually collecting the baguettes. It is high school level shenanigans.
But is Jira itself vulnerable? u/Tullzterrr hopes so:
I hope they hack my Jira and steal all of my tickets. Sick of this ****ing thing.
Wait. Pause. BigIrv is cut up: [You’re fired—Ed.]
Duh. … Should have asked for baguette diamonds.
Lost in translation? Marty McFly laughs in funny money:
Errr. Y’all realize there is actually a cryptocurrency called “Baguette,” right? … The total supply of BGTT is 50M units, at a value of $0.0009146 USD. That means the total supply is worth a bit over $45,000 in USD. So this ransom is impossible to pay because there is not enough BQTT in existence.
…
[Perhaps] this ransom is actually an attempt to move the market. If the coin became worth a full cent, that would be a 10x on their “investment” at current prices. Their payday would be profitably selling their coins on the open market so that Schneider could have enough to actually pay the fine.
But what’s all this about halving the ransom? Pierce2623 wonders if Hellcat really cares about disclosure:
To be fair, most of these hacking groups claim they’re just trying to expose companies for not keeping customer data safe, etc. And then, after making that claim, they sell the people’s data on the dark web because they’re really just ****heads.
Meanwhile, drainbramage channels Jean-Jacques Rousseau (not Marie Antoinette):
Donut pay them! Let them eat cake.
And Finally:
You have been reading SB Blogwatch by Richi Jennings. Richi curates the best bloggy bits, finest forums, and weirdest websites—so you don’t have to. Hate mail may be directed to @RiCHi, @richij, @[email protected], @richi.bsky.social or [email protected]. Ask your doctor before reading. Your mileage may vary. Past performance is no guarantee of future results. Do not stare into laser with remaining eye. E&OE. 30.
Image sauce: Sergio Arze (via Unsplash; leveled and cropped)