PCMag editors select and review products independent. When you buy through affiliate links we may earn commissions, which help support us testing.
Ransomware gangs usually demand payment in cryptocurrency. But one group is asking a French company to pay in “baguettes” after allegedly stealing 40GB of user data.
On Monday, a newly formed ransomware gang known as Hellcat claimed to have breached Schneider Electric, a major supplier of industrial and energy equipment. Like other groups, Hellcat promises it will delete the stolen data if the company pays up.
But the group’s ransom demand stands out, demanding that the French company hand over $125,000 worth of bread. X accounts that appear to be connected to Hellcat are Also to emphasize payment is made in baguettes.
On its website, Hellcat adds: “This breach compromised critical data, including projects, issues, and plugins, along with more than 400,000 rows of user data, totaling more than 40 GB of compressed data.” The gang also claims to have infiltrated Schneider Electric by gaining access to the Atlassian Jira server.
In response, Schneider Electric confirmed to BleepingComputer that it is investigating “a cybersecurity incident involving unauthorized access to one of our internal project execution tracking platforms, which is hosted in an isolated environment.”
“Our Global Incident Response team was immediately mobilized to respond to the incident. Schneider Electric’s products and services remain unaffected,” the company added.
Not much is known about Hellcat, making it unclear whether the group is more focused on causing chaos than extorting victims for actual money. According to BleepingComputer, the gang previously used the name ‘International Contract Agency’, a reference to the Hitman game series. But then the members changed their names to distance themselves from being perceived as an Islamic terrorist group. Hellcat is now testing an encryptor that could be used in future ransomware attacks.