Dire Wolf Ransomware Attack Hits Malaysian Energy Firm

Malaysian energy services company Perdana Petroleum Berhad became the latest victim of a major ransomware attack after the Dire Wolf ransomware group claimed responsibility for breaching the organization’s network.
According to reports, the attackers used a double-extortion strategy, a tactic that has become increasingly common among modern ransomware groups. In addition to encrypting company systems and disrupting business operations, the group allegedly stole around 150 GB of sensitive data before demanding a ransom.
The stolen information is believed to include financial records, legal documents, supplier details, customer information, and other confidential business data. The attackers threatened to publish the data publicly if their demands were not met, putting significant pressure on the company and raising concerns across Malaysia’s energy sector.
The incident has attracted attention because Perdana Petroleum operates within the oil and gas industry, a sector considered part of a nation’s critical infrastructure. Cybersecurity experts have repeatedly warned that attacks against energy providers can have consequences beyond financial losses, potentially affecting essential services and supply chains.
The attack also highlights the growing threat facing organizations across the Asia-Pacific region. As ransomware groups continue to evolve, they are increasingly targeting companies that provide critical services, knowing that operational disruption can increase the likelihood of ransom payments.
Security specialists say organizations in the energy sector should strengthen network segmentation, separate operational technology (OT) systems from corporate networks, and regularly test backup and recovery procedures. These measures can help reduce the impact of future attacks and improve resilience against increasingly sophisticated cyber threats.
The Dire Wolf group has been linked to multiple ransomware incidents worldwide, demonstrating that critical infrastructure remains a high-value target for cybercriminals seeking both financial gain and maximum disruption.