Criminals managed to fully encrypt the database of the Superior Court of Justice (STJ) between Monday and Tuesday this week (02-03), leaving the institution in the dark. Today (05), STJ technicians found a ransom request with a contact from the hackers for negotiation. The information is from the backstage.
The message is vague, but gives all indications that it is ransomware, when hackers hijack important databases and then ask for large sums of money, usually to be paid in Bitcoin, to return access to the victim.
In the English message, the hackers announced the attack, saying “all files have been completely encrypted”. There is even a warning for technicians about possible file corruption in case of attempts to decrypt the servers. Criminals still offer to restore affected items.
Who is behind this?
There is still no official information on the possible identification of those involved in the attacks on the STJ, the Ministry of Health, the Federal District Government and other public institutions. The message found by the technicians of the STJ has no indication of values that criminals wish to receive in return for returning the database and there does not seem to be any kind of political motivation in the text.
This could indicate an attack by independent hackers, but it is not possible to rule out action by foreign governments. It is all speculation at the moment, but episodes like this week have already happened in countries like the United States and Ukraine and, in many cases, were targeted attacks in response to political statements by presidents and other leaders.
The STJ has not yet officially positioned itself on the subject.