LockerGoga Ransomware Attacks US Chemical Plants

Malware was responsible for Last Months Attacks against Aluminum giant Norsk Hydro

A dangerous new strain of ransomware called LockerGoga has now infiltrated a pair of U.S. chemical manufacturing companies. Attacks against Hexion and Momentive started on March 12, according to the website Vice Motherboard.

The Vice Motherboard report cites an internal company email detailing that company files had been encrypted during a recent cyberattack.

Both companies are owned by Apollo Management Holdings. They both issued similar press releases on Friday, claiming that "a recent network security incident that prevented access to certain systems and data within the company's network." Both firms also stated that the attack exclusively affected only their respective corporate networks and not the networks that directly control manufacturing. The companies' security teams are currently working to restore those systems, including corporate email.

The report also noted the similarities between the ransom emails sent in the attacks against Hexion and Momentive, to the emails sent to aluminum giant Norsk Hydro last month.

LockerGoga is believed to employ a renamed version of the system administration tool PsEXEC. It is not yet completely understood how the malware spreads once it has infiltrated a network. Researchers believe that it may be spreading via stolen remote desktop protocol (RDP). This allows the malware to quickly spread from an infected PC to others within the network.


Julio Rivera

Julio Rivera is a small business consultant, political activist, writer and Editorial Director for Reactionary Times.  His writing, which is concentrated on politics and cybersecurity, has also been published by websites including Newsmax, The Hill, The Washington Times, LifeZette, The Washington Examiner, American Thinker, The Toronto Sun, PJ Media and many others.

Previous/Next Posts

Related Articles

Leave a Reply

Back to top button