
    Netfilim hackers release sensitive data of Indian Oil firm

    A cyber criminal group known for its Nefilim (Netfilim) ransomware is continuing to target energy companies and has published an array of sensitive data belonging to India’s largest offshore drilling company Aban Offshore this week.

    The breach, confirmed by cybersecurity firm Cyble, includes more than 250 employees’ passports and confidential data about the company and its contractors.

    The number of firms held for ransom by ransomware hackers is growing at a steady rate. Each day brings new threats as more companies’ data is compromised and sold without second thoughts.

    Trend Micro remarked in a security blog, “Nefilim’s code shares many notable similarities with Nemty 2.5 ransomware; the main difference is that Nefilim has done away with the Ransomware-as-a-Service (RaaS) component. It also manages payments via email communication rather than through a Tor payment site.”

    The threat actors set up the ransomware so that an RSA private key is needed to decrypt the encrypted files. File encryption uses AES-128, after which the data are tagged with the “Netfilim” string.
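
For incident scoping, the tag described above can be combined with an entropy check to list which files were hit. The following is an added example, not code from the article or from any vendor; the tag position (last 64 bytes), the case-insensitive match and the 7.0 bits-per-byte threshold are assumptions.

```python
import math
import os
import tempfile
from collections import Counter
from pathlib import Path

# Assumptions, not from the article: the tag sits within the last TAIL_BYTES
# of a file and is matched case-insensitively (the article only says "tagged").
MARKER = b"netfilim"
TAIL_BYTES = 64
ENTROPY_MIN = 7.0  # bits per byte; encrypted content sits close to 8.0

def shannon_entropy(data: bytes) -> float:
    n = len(data)  # result is in bits per byte, 0.0 for empty input
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def classify(path: str, sample: int = 65536) -> str:
    """Return 'tagged+encrypted', 'tagged-only' or 'clean' for one file."""
    body_len = max(os.path.getsize(path) - TAIL_BYTES, 0)
    with open(path, "rb") as fh:
        body = fh.read(min(sample, body_len))  # content before the tail
        fh.seek(body_len)
        tail = fh.read(TAIL_BYTES)
    if MARKER not in tail.lower():
        return "clean"
    return "tagged+encrypted" if shannon_entropy(body) >= ENTROPY_MIN else "tagged-only"

def scan(root: str) -> dict:
    """Classify every file under root, keyed by path relative to root."""
    results = {}
    for dirpath, _dirs, files in os.walk(root):
        for full in (os.path.join(dirpath, f) for f in files):
            try:
                verdict = classify(full)
            except OSError:
                verdict = "unreadable"  # locked or permission-denied file
            results[os.path.relpath(full, root)] = verdict
    return results

def demo() -> dict:
    samples = {  # constructed sample files, not real victim data
        "report.docx": os.urandom(8192) + b"NETFILIM",      # random body + tag
        "notes.txt": b"meeting notes\n" * 200,               # plaintext, no tag
        "readme.txt": b"hello world " * 200 + b"Netfilim",   # tag over plaintext
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            Path(root, name).write_bytes(data)
        return scan(root)
```

Point `scan()` at a read-only mount or forensic copy rather than the live host; a "tagged-only" verdict marks a tag over low-entropy content and deserves a manual look before it is counted as encrypted.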

    Netfilim Operator’s Campaign in Full Swing

    The attacks are random and aimed at firms from diverse sectors. Australia-based logistics behemoth Toll Group was also a victim of the campaign in May, when the attackers successfully breached a Toll Group server. The firm held its ground and refused to “settle” with the group.

    While speaking about the breach back in May, the Toll Group had this to say: “After detecting this attack, we shut down our IT systems to mitigate the risk of further infection. Toll has refused to engage with the attacker’s ransom demands, which is consistent with the advice of cybersecurity experts and government authorities. Our ongoing investigations have established that the attacker has accessed at least one specific corporate server. This server contains information about past and present Toll employees, and details of commercial agreements with some of our current and former enterprise customers. The server in question was not designed or developed as a repository for customer operational data.” The firm’s “key online systems” are gradually being restored. Noting the refusal by Toll Group, the hackers went ahead and released cached data on the dark web.

    With security systems being compromised daily, precautionary steps are advisable to ensure that hackers gain no access to networks. The U.K. cybersecurity firm, NCSC, took the initiative and updated its “guidance”, prompted by the numerous incidents where ransomware has encrypted not only the original data on disk but also connected USB and network storage drives holding data backups.

    So far, damages to systems have been irreversible.
