Stories
Slash Boxes
Comments

SoylentNews is people

posted by martyb on Monday October 19 2020, @10:33AM   Printer-friendly
from the it's-time-to-stop-horsing-around-and-time-to-clip-Clop dept.

Enterprise Solutions Provider 'Software AG' Hit by Clop Ransomware:

German enterprise solutions giant Software AG revealed last week that it had been targeted by cybercriminals with the Clop ransomware.

[...] The company said its helpdesk services and internal communications were impacted, but claimed that cloud-based services were not affected and that it found no evidence of customer information being compromised.

However, in an update shared on October 8, the company said the malware had not been fully contained and it had found evidence that the attackers did in fact download data from servers and employee notebooks.

Researchers at MalwareHunterTeam said on Saturday that the attack involved the Clop ransomware, and they noticed what appeared to be a new feature — the use of wevtutil.exe to clear event logs. They also noted that the sample that hit Software AG checked for the presence of McAfee software and attempted to uninstall it, but it's unclear if the attackers somehow learned that the target was using McAfee products or if this functionality was added to the malware for a different target.

[...] Screenshots posted by the hackers show that they have obtained tens of gigabytes of data representing more than one million files. They appear to have obtained passport copies, invoices, and emails.

Bleeping Computer has learned from the Clop payment page associated with Software AG that the attackers have asked for more than 2,000 bitcoin, which is roughly $23 million.

(Emphasis retained from original.)


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
(1)
  • (Score: 0) by Anonymous Coward on Monday October 19 2020, @01:51PM

    by Anonymous Coward on Monday October 19 2020, @01:51PM (#1066410)

    Stop paying. Hold payers accountable for making things worse. Especially cyber security insurance companies.

    TLA's likely know who is doing this, but think too highly of their methods to fix this.

    Hold Microsoft accountable of unconscionable priorities, putting the newest marketing goals ahead of fixing things the last goals broke.

    .

    Or, just do old fashioned, offsite, offline backups?

  • (Score: 5, Insightful) by sonamchauhan on Monday October 19 2020, @01:57PM

    by sonamchauhan (6546) on Monday October 19 2020, @01:57PM (#1066415)

    I work for one of their customers. It's been a week plus. I don't think they paid and I hope they do not pay.

    We really need to stop making crime pay. If there are enough failed hack operations where the crims don't earn a cent, but risk detection and jail, then the rest of humanity benefits.

  • (Score: 0) by Anonymous Coward on Monday October 19 2020, @10:32PM

    by Anonymous Coward on Monday October 19 2020, @10:32PM (#1066618)

    $23 Million would have bought a lot of offline backups and competent system admins.

  • (Score: 3, Insightful) by Gaaark on Tuesday October 20 2020, @02:03AM

    by Gaaark (41) on Tuesday October 20 2020, @02:03AM (#1066701) Journal

    How's that Windows TCO going?

    I say, "Keep it coming!"
    Maybe some day, people will grab a brain and get off Windows....problem is it will be MS Linux and they'll bork it completely.

    --
    --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
(1)