Security Market Segment LS
Thursday, 04 June 2020 07:11

Two more Australian companies hit by Mespinoza/Pysa ransomware Featured

Two more Australian companies hit by Mespinoza/Pysa ransomware Image by mohamed Hassan from Pixabay

Two more Australian companies have been hit by attackers using the Mespinoza/Pysa Windows ransomware, the same malware that was used to take down the Australian money management firm MyBudget, security sources have told iTWire.

One firm listed on the website utilised by attackers who use the ransomware is Matthews Australasia which describes itself as "a family business... the Australian leader in intelligent product identification, product inspection and software traceability solutions".

Also listed by the attackers is the accounting firm Fitzpatrick Rushinek Associates, which has offices in the Melbourne CBD and also in Bentleigh, a beachside suburb.

Matthews has operations in New Zealand, apart from offices in Queensland, Western Australia, New South Wales and South Australia.

Zipped data from Matthews Australasia has been listed on the Mespinoza/Pysa website, while data from Fitzpatrick Rushinek Associates was listed and then appears to have been removed.

Mespinoza/Pysa is one among a growing number of Windows ransomware that first exfilitrates victims' files to a server specified by the attackers.

Only after that is the victims' information encrypted and a ransom note generated on machines that have been attacked.

These ransomware operators somewhat sarcastically list their victims as "partners", saying on their website: "We decided to promote the business of our partners. Please look at the documents to learn more."

iTWire has contacted both these companies for comment.

Contacted for comment, ransomware researcher Brett Callow told iTWire: "Ransomware attacks frequently succeed only because basic security best practices were not adhered to: patches were not applied promptly, MFA (multi-factor authentication) was not used and so on.

"This has to change. Every time a company pays a ransom, it provides threat actors with more motivation and more resources to scale up their operations."

Callow, who works for the New Zealand-headquartered security firm Emsisoft, added: "The only way to stop ransomware attacks is to make them unprofitable, and that means companies must up their security game so as not be in the position of needing to pay ransoms."

Subscribe to ITWIRE UPDATE Newsletter here


The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.



iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News