MediaMarkt hit by Hive ransomware

The MediaMarkt Ransomware

MediaMarkt, one of the world’s largest electronics retailers, has been hit by the Hive ransomware, which has demanded an initial ransom of $240 million. IT systems in the Netherlands and Germany have been shut down, and shop operations have been interrupted as a result of the attack.

MediaMarkt Ransomware 1024x536

As per the information that has been revealed, a Hive Ransomware infected MediaMarkt’s servers and workstations late Sunday night into Monday morning, forcing the company to shut down its IT infrastructure to stop the malware from spreading.

What is Hive ransomware capable of?

Since its inception in June 2021, Hive ransomware has been used to infect enterprises through phishing scams that include malware. The threat actors typically spread the infection over a network and steal unencrypted data that later they can utilize in extortion demands.

The ransomware group has been known to search for and destroy any backups in order to prevent the victim from regaining access to their files. Aside from targeting Windows, Hive ransomware has also developed variations that encrypt Linux and FreeBSD systems.

Hive ransomware is known to steal files before applying its encryption and publish them on its “HiveLeaks” data breach site in the event of no payment of the ransom demanded by the cybercriminals.

Details about the attack

Several retail outlets in Europe, particularly in the Netherlands, were the target of the attack, according to information shared by security researchers.

Currently, affected stores’ cash registers do not accept credit cards or issue receipts. The outage of the systems caused by the ransomware also prevents refunds due to the fact that there is no access to previous purchases databases. The online sales are in operation, though, and function as normal.

The initial ransom that the Hive Ransomware gang has demanded was a hefty $240 million for a decryptor of the sealed data. Researchers are commenting that it is a common practice for many ransomware gangs to ask for unrealistically high ransom in the beginning, in order to allow room for negotiation, but they typically reduce that amount in the end.

MediaMarkt has confirmed that it has suffered a cyberattack on the MediaMarktSaturn Retail Group and its national organizations. As per the statement, the company has alerted the authorities immediately and is working at full speed to detect and recover any damage caused. As a result of the incident, some services may not be available at the shops at the moment, however, MediaMarktSaturn is hoping to be able to provide all of its services without any restrictions via all of its sales channels as soon as possible.

MediaMarkt personnel has been instructed to avoid encrypted systems and to unplug cash registers from the network, according to local media sources.

European consumer electronics giant MediaMarkt has more than 1,000 outlets across 13 countries. An estimated 53,000 people work at MediaMarkt, which generates annual revenue of €20.8 billion.

About the author


Lidia Howler

Lidia is a web content creator with years of experience in the cyber-security sector. She helps readers with articles on malware removal and online security. Her strive for simplicity and well-researched information provides users with easy-to-follow It-related tips and step-by-step tutorials.

Leave a Comment