Japanese automobile company, Honda was the target of an attack by ransomware. The ransomware at work is suspected to be the SNAKE (EKANS) Ransomware.
The intrusion muddled the company’s businesses in several countries on Monday; but since then, business is back to normal, as production has kicked off.
Production at the Swindon factory in the U.K. stopped due to the Covid-19 pandemic; as a result, the attack from the hackers had a minimal effect in the country.
A researcher, Milkream, discovered The SNAKE Ransomware and sent the sample to VirusTotal for analysis. The ransomware functions by checking the internal Honda network name of “mds.honda.com.”
Explaining the process undertook to analyze the sample, BleepingComputer had this to say.
“When BleepingComputer tried to analyze the sample, the ransomware would start and immediately exit without encrypting any files. The researcher states that this is because the ransomware tries to resolve the “mds.honda.com” domain, and failing to do so, will terminate the ransomware without encrypting any files.”
“Security researcher Vitali Kremez has also told BleepingComputer that in addition to the mds.honda.com check, it also contains a reference to the U.S. IP address 170.108.71.15. This IP address resolves to the ‘unspec170108.amerhonda.com’ hostname.”
The analysis shows the specificity for the IP address, and the custom internal hostname check implies that Honda was the proposed target.
On the bright side, the attack did not affect Honda customers’ data. The organization is working tooth-and-nail to ensure that a repeat attack never takes place. A statement from the company reads; “we are working to minimize the impact and to restore full functionality of production, sales, and development activities. At this point, we see a minimal business impact.”
This attack could not have happened at a worse time as reports have been circulating about the demand for automobiles to invest in technology. AP news states, “the attack also comes as automakers face pressure to invest large amounts of money in new technologies such as electric and autonomous cars to meet air pollution limits in Europe and China and fend off competition from tech companies.”
 Ransomware){kind=link}