Pierre Fabre, one of the leading pharmaceutical group in France, has been hit by a REvil ransomware attack and the hackers initially demanded $25 million to restore the organization's IT systems. Pierre Fabre is known for its more than 10,000 cosmetics and pharmaceutical products.

The attackers struck on March 31, 2021, and Pierre Fabre was able to minimize damage within 24 hours. Since the organization did not want to hinder its business abruptly, it decided to slow down operations and production gradually. Pierre Fabre disclosed the details in a press release issued on April 1, 2021.

Although the attack vector of the breach is yet to be revealed, REvil has been operating in full force for the past month. The attacks on Acer, Dairy Farm and Asteelflash are other incidents that REvil has taken responsibility for.

REvil is a ransomware-as-a-service developed by malware coders and distributed to affiliates who spread it across the internet. If they extract a ransom from a victim, it is split between the coders and affiliates as per an agreement.

It is believed that REvil ransomware attackers didn't hear back from the Pierre Fabre regarding the ransom. The hackers then doubled the ransom amount to $50 million. At this time, Pierre Fabre is still considering their options to fix the issue, and is expected to release an update soon on their response to the attack.

It is important to understand how ransomware attacks work and learn how to keep your network safe from malicious actors. Most of the ransomware attacks involve endpoints. With the appropriate security protocols in place, you can be assured your endpoint security management will keep those threats at bay. You can also read our best practices for selecting an endpoint management solution e-book to understand how endpoint security has evolved and how you can adapt to these changes.