Pandora ransomware has hit the Japan-based DENSO Corporation, one of the largest automotive parts manufacturers in the world. DENSO — which has more than 200 subsidiaries, almost 170,000 employees, and an annual revenue of over $44 billion — provides parts to Toyota, who just dealt with their own cyberattack, as well as Mercedes-Benz, Fiat, and others.
DENSO has confirmed that their corporate network in Germany was breached, and they worked quickly to prevent the attacker from damaging additional systems. The company says that operations were not impacted; however, Pandora has begun leaking some of the 1.4 TB of files they claim to have stolen.
Pandora is a new ransomware group that began operating this month. They steal data prior to encrypting files with a .pandora extension for use in multi-extortion tactics. One working theory is that Pandora is a rebrand of Rook ransomware, as the two families share similar code and packers.
Cyber Protect includes Active Protection to detect and block even the newest ransomware threats, based on the malicious behaviors they exhibit. If your systems are affected by ransomware, integrated backups and disaster recovery capabilities get you up and running quickly after an incident.