An update about the Duvel hack has been posted on the Stormous blog. AFAIK this hasn’t been covered by any Belgian news outlet yet. The hacker states that Duvel has read their chat messages, but has ignored them and hasn’t made an effor to negotiate. In the near future a leak of 12 GB will be posted on the blog, if Duvel doesn’t respond to the negotiations.

The full blog post:

Active member of the StmX|GhostLocker

About the recent attack on www.duvel.com:

Recently, the Belgian beer factory was attacked by gaining full network access, including all network-related hosts. A request was made to publish the victim on the blog before the attack, or notify Duvel hours before, but there was no response from the operator regarding my request for hostage status, despite confirming the storage of 88 GB on Tor network servers and evidence of internal access. The matter will be investigated on Thursday morning,it will be publicly announced as a hostage on the blog.

There was no negotiation from Duvel; there was only access to the chat and seeing messages without any response or refusal of negotiations before announcing the attack to the public. Duvel was never in contact with us.

88 GB of data has been collected and will be fully disclosed in case of no negotiation from Duvel, despite restoring its services completely or restarting production.

I agree to leak an initial size ranging from 12 GB these days for free. If there is no communication with us, we will proceed to leak and sell from the beginning of next week.

I cannot explain the access method to avoid violating the rules of operation, but I work with dealing with other ransomware program members (this is something that does not violate the rules of working with Stormous) known to others but we work on a percentage, whether with them or with the Stm operator, especially in access operations to major companies.

Everything will be emptied soon; we are just waiting for some time, waiting for the final decision of the target.

This matter will be updated #