Electronics Outlet MediaMarkt Hit by Ransomware Attack Demanding $50M in Bitcoin

By Liam J. Kelly

European electronics outlet MediaMarkt is reportedly investigating a Hive ransomware attack launched on Sunday evening, with the attackers demanding a multi-million-dollar ransom in Bitcoin.

The attack has allegedly encrypted and blocked various key services of the retailer, including its ability to accept credit cards and accept returns in some stores. Online sales are reportedly unaffected.

The attackers reportedly demanded $240 million to release the encrypted data, according to tech site Bleeping Computer, but the ransom was quickly reduced. Local reports indicate the demand is closer to $50 million after MediaMarkt began negotiations with the attackers. The attackers have reportedly demanded that this sum be paid in Bitcoin.

When an entity is faced with a ransomware attack, many important files and documents are essentially blocked. The attackers then demand a sum of money in exchange for a decryptor to release these files.

With over 1,000 stores across Europe and reported revenues of nearly $25 billion per year, MediaMarkt is Europe’s largest and most profitable electronics retailer.

The rise of ransomware

Alongside the meteoric rise of crypto prices this year, ransomware attacks have also increased in frequency and damage; according to blockchain data company Chainalysis, by May this year, the tally of stolen crypto from ransomware attacks had already reached $81 million.

Perhaps the most notable attack in recent months was the U.S. Colonial Pipeline hack. In May this year, the large oil pipeline system responsible for servicing the Southeastern United States was forced to shut down due to a ransomware attack. As a result, many states in the region suffered fuel shortages until the company was back up and running.

In the U.S., the Department of Justice has elevated ransomware threats to the same level as terrorism. The U.S. government has also established a specific task force to monitor these threats as they appear. Earlier this week, the U.S. Treasury added P2P crypto exchange Chatex to its sanctions list for facilitating ransomware payments.

The groups launching the attacks are myriad, with MediaMarkt’s attackers, called Hive, representing just one of several hacker groups.