Pakistan’s Largest Electric Supplier Crippled by NetWalker Ransomware

• ‘K-Electric’ in Pakistan is the latest target of the NetWalker group, who is demanding a ransom of $3.8 million.
• The company remained silent about the event, but customers can’t log into their online accounts.
• NetWalker is highly successful, hitting large entities from around the globe and getting millions in return.

NetWalker has caught another big fish in its net, as the notorious ransomware gang is now holding K-Electric under a threatening status. Since yesterday, K-Electric’s systems were taken partially offline after NetWalker planted their ransomware and crippled the electric power supplier’s network.

As a result, customers cannot access the company’s online services, check their account status, pay bills, report problems, etc. K-Electric is trying to redirect these people to another site they have set up for this purpose, but the whole situation remains highly problematic.

K-Electric is responsible for powering Karachi, a city with a population of 22 million people. The company employs over ten thousand people and is Pakistan’s largest power utility. That said, the disruption caused by the cyber-attack is critical.

According to information that comes from local sources, the attack happened on the morning of September 7, 2020. Since only the billing services were affected and not the supply of electric power, the company didn’t make any announcements about the incident.

Due to the company’s size, NetWalker couldn’t demand anything less than $3.8 million paid in Bitcoin. If K-Electric fails to pay the ransom by September 15, 2020, the price will double to $7,700,000 (765.6 BTC). That’s according to the Tor payment page that was published in BleepingComputer concerning this incident.

Of course, the lever of extortion are stolen files from the K-Electric servers, but no details about what exactly NetWalker is holding were provided. Possibly, it could be sensitive and identification user account data taken from the billing platform.

This comes only a couple of days after NetWalker took down the systems of the Argentinian immigration agency, a week after Cygilant was compromised, and three weeks after the University of Utah paid half a million to the particular group in an effort to secure the stolen data.

It is clear that NetWalker is going through a period of success and enrichment, and according to McAfee, the ransomware group has made roughly $25 million in the last five months.