blackbyte attacks Petrolimex Station

Incident Date:

February 5, 2022

World map



blackbyte attacks Petrolimex Station


Petrolimex Station




Trung, Vietnam

Dong Da, Vietnam

First Reported

February 5, 2022

Petrolimex Station Suffers Ransomware Attack by BlackByte Group

Company Overview

Petrolimex Station is a Vietnamese company that operates in the energy sector. The company's website provides information about their services, including fuel sales, lubricants, and other petroleum products. However, there is limited information available about the size of the company or its unique features in the industry.

Vulnerabilities and Targeting

Ransomware attacks have become increasingly common, with 71% of organizations worldwide experiencing at least one ransomware attack in 2022. The average total cost of an attack reached $4.3 million. The specific vulnerabilities that led to Petrolimex Station's attack are not detailed in the search results. However, it is mentioned that the attack was neutralized and only affected less than 5% of the company's computers.

BlackByte Ransomware Group

BlackByte is a ransomware group that has been active in recent years. The group is known for its ransomware attacks on various organizations, including Mexican state-owned oil company Pemex, which was hit with a ransomware attack demanding $4.9 million.

The ransomware attack on Petrolimex Station by the BlackByte group highlights the ongoing threat of cyber attacks in the energy sector. Companies in this sector must remain vigilant and implement robust cybersecurity measures to protect against such threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.