Hacked again: Australia-based #Toll Group systems hit by fresh ransomware attack.
Toll Group is a global logistics company that offers freight, warehouse, and distribution services.
Toll has roughly 40,000 employees and operates a distribution network across over 50 countries.
For the second time in three months, Toll Group has become the victim of a ransomware attack that has led to the suspension of IT systems.
The latest attack is “Nefilim” ransomware, a new form of ransomware that has evolved from Nemty and is likely distributed through exposed Remote Desktop Protocol (RDP) setups.
Trend Micro says that the malware uses AES-128 encryption to lock files and blackmail payments are made via email rather than the Tor network, a firm favorite among cybercriminals.
Toll is working with the Australian Cyber Security Centre (ACSC) to investigate the incident.