After some customers stated that their Konica contacts indicated a breach caused the outage, a source shared a copy of the ransom note used in the attack on Konica Minolta to researchers,
named '!!KONICA_MINOLTA_README!!.txt. It was also discovered that the devices in the company were encrypted, and files had the '.K0N1M1N0' extension appended to them. This ransom note belongs to a relatively new ransomware called RansomEXX, which is human-operated
and entails threat actors compromising a network, and over time, spreading to other devices until they gain administrator credentials.
Learn more >