Hackers demand $125K in baguettes in ransomware attack

A ransomware group, Hellcat, has targeted French multinational Schneider Electric, demanding a $125,000 ransom paid in French baguettes.

Hellcat also offered to accept Monero, a privacy-focused cryptocurrency favored by cybercriminals for its anonymous transaction capabilities, instead of bread.

The group claims to have stolen 40GB of sensitive data, including customer and operational information, and threatens to leak it if their demands are not met.

A Twitter user named Grep, representing Hellcat, communicated the demands, using the baguette request as a unique marketing tactic to draw attention in the crowded ransomware market.

Cyberscoop reports that the demand for baguettes is largely symbolic and meant to make Hellcat stand out, though the group would accept the ransom in Monero as well.

Schneider Electric confirmed an investigation into a cybersecurity breach affecting an internal project-tracking platform in an isolated environment, asserting that its products and services remain unaffected.

This marks Schneider Electric’s third ransomware attack in two years, following incidents involving Cactus ransomware in February and the CL0P group in June as part of the MOVEit attacks.

Hellcat’s message referenced Schneider’s high revenues, noting that the company reported $38 billion in revenue last year, though no specific reason was given for targeting the company.

The group directed part of its message to Schneider’s CEO, Olivier Blum, as it continues to pressure the company for a response. 

With over 400,000 rows of user data reportedly in its possession, Hellcat’s attack raises concerns over ongoing cybersecurity vulnerabilities in major corporations.