Ransomware has struck Whirlpool, a giant American manufacturer

It was announced that ransomware targeted Whirlpool, an American multinational home appliance manufacturer. It was the attackers who announced this, claiming that with malware called Nefilim, they had compromised Whirlpool’s main networks.

The talks were initially held with the Whirlpool management team in secrecy, but things did not appear to go far. In response, attackers announced that ransomware had targeted them while leaking some information. Ultimately, it is their dream to continue taking Whirlpool to the negotiation table.

With 77,000 workers and 59 manufacturing and application development centers around the world, Whirlpool is a giant corporation and is known to have gained $20 billion in sales in 2019.

It was last weekend when operators of Nephilim ransomware revealed that cyber attacks on these whirlpools had succeeded. Any records containing confidential material, such as employee privileges, demands for housing, and requests for medical information, have been issued.

At the same time, the attackers wrote, “We had negotiated with Whirlpool’s management for a long time, but they didn’t seem to have much interest in protecting the interests of shareholders.” Additionally, he argued, “The level of cybersecurity at Whirlpool is very low, and we were able to break into negotiations with them and once again penetrate Whirlpool’s network.”

If the operators of Nephilim are real, it suggests that Whirlpool was once struck by a ransomware attack and negotiated, but was not in a rush to improve security. Or, there is a risk that the attack of the ransomware has advanced very poorly, and therefore it is not easy to restore, and specific steps may not possibly be taken.

In the type of text files and 7zip archive files, the Nephilim operators leaked Whirlpool files. Whirlpool filelist.txt and Whirlpool part1.7z are file names.

The actual attack happened in early December, according to a foreigner named Bleeping Machine, although it was not officially verified by Whirlpool.

Nephilim ransomware operators posted a list of files in October that were leaked by Luxottica, an Italian eyewear manufacturer. Moreover, the major European mobile providers Orange, the SPIE Network, Germany’s biggest multi-service operator Dusman Group and the Toll Group have been infringed.