Major Cyberattack Hits Prometey Agribusiness Holding

The agribusiness holding Prometey has become the target of a large-scale cyberattack. Hackers managed to breach multiple layers of the company’s security system and are demanding a ransom of $250,000 in exchange for restoring access to the company’s database, ProAgro Group reports.

Prometey stated that the incident constitutes outright blackmail and an attempt to paralyze the entire holding, as key internal systems have stopped functioning.

“We received a message demanding a ransom for access to our own database. This is clear cyber extortion. We have been working around the clock for the third day in a row to stabilize the system and recover the data,” Prometey’s IT specialists said.

According to the company, the attack occurred on Sunday, when the internal database went offline along with the software that supports operations across the entire group of companies. About half of employees’ computers were fully infected by the virus, while the rest were partially affected. As a result, business processes were virtually halted, with internal services critical to day-to-day operations completely paralyzed.

Prometey added that the hackers deployed malware that penetrated the system and could have destroyed it entirely.

“All information accumulated on our servers over many years ended up in the hands of unknown actors — from working datasets to internal documents and operational information,” the company noted.

Company representatives emphasized that the system had multi-layered protection, with up to ten security levels, all of which were nevertheless breached.

“We built layered defenses, but they still found a way in. Now we are restoring data piece by piece while simultaneously closing every vulnerability we identify,” the IT team said.

The attack is still ongoing, with continued attempts to pressure the system. The team is forced to restore services while simultaneously repelling new waves of intrusion.

Prometey also reported signs of a possible “Russian trace”, identified during a preliminary analysis of activity and IP addresses involved in the attack.

The company noted that this is the most damaging cyberattack it has faced in its many years of operation. If the hackers do not retreat soon, Prometey intends to contact Ukraine’s cyber police, hoping that specialized law enforcement agencies will help repel the attack and identify those responsible.

Scroll to Top