The Sodinokibi / REvil extortionists that struck Lion recently, encrypting and exfiltrating the beverage giant's corporate data want US$800,000 ($1.24 million) in ransom, a sum that will double in two days.
The Herald has viewed the ransom note which points to a hidden transaction site hosted on a Russian network where victims are asked to pay the REvil / Sodinokibi criminals.
• Beer shortages possible after Lion brewery shut down following cyber attack
• Lion ransomware attack: Speights back online, but supply problems continue for other beers
• Lion: Ransomware attack causing significant problems
• Cyber attack at Lion brewery disrupts supply of beer
To obtain decryptor software that the ransomware criminals promise will work and not delete or corrupt the scrambled files, Lion is required to buy $800,000 worth of the Monero cryptocurrency, either directly via an exchange, or by first obtaining Bitcoin.
Monero uses an obfuscated public ledger, making it difficult to see the sender of the funds, and the destination and amount of the transaction.
The transaction site offers a live chat window for contacting the ransomware criminals, which contains a message threatening the publication of the corporate data copied.
"This is while hidden post, but it will be published after time expired. If you don't pay anyway, we publish download link for all your confidential files.
"You will lose reputation for clients, get different penals because you didn't protected personal data, your competitors or other people from public will use your financial data in their interests. If you don't want that, I recommend you pay money in time.
Behind paywall, the New Zealand Herald should not paywall this. Bitcoin and all cryptos should be made illegal on New Zealand based servers as the true horror of cryptos is exposed.
And it is true, New Zealand pubs are devoid of stock.