
    Netfilim hackers release sensitive data of Indian oil firm

    A cyber criminal group known for its Nefilim (Netfilim) ransomware is continuing to target energy companies and has published an array of sensitive data belonging to India’s largest offshore drilling company Aban Offshore this week.

    The breach, confirmed by cybersecurity firm Cyble, contains more than 250 employees’ passports and confidential data about the company and its contractors.

    The number of firms held for ransom by ransomware hackers is growing at a steady rate. New threats keep emerging as more companies’ data is compromised and sold without second thoughts.

    Trend Micro remarked in a security blog, “Nefilim’s code shares many notable similarities with Nemty 2.5 ransomware; the main difference is that Nefilim has done away with the Ransomware-as-a-Service (RaaS) component. It also manages payments via email communication rather than through a Tor payment site.”

    The threat actors set up the ransomware so that an RSA private key is needed to decrypt the encrypted files. File encryption uses AES-128, after which the data are tagged with the “Netfilim” string.
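
A triage sketch for the tag described above, added here as an example and not taken from the article, Cyble or Trend Micro: it walks a directory tree (for instance a mounted backup volume) and counts, per folder, the files whose tail contains the marker. The 512-byte tail window and the case-insensitive match are assumptions, since the article does not say where the tag is placed; the names `has_marker`, `sweep` and `demo` are hypothetical.

```python
import os
import tempfile

MARKER = b"netfilim"   # string the article says encrypted files are tagged with
TAIL_BYTES = 512       # assumption: the tag sits near the end of the file


def has_marker(path, marker=MARKER, tail=TAIL_BYTES):
    """Return True if the last `tail` bytes of the file contain the marker."""
    try:
        with open(path, "rb") as fh:
            fh.seek(0, os.SEEK_END)
            size = fh.tell()
            fh.seek(max(0, size - tail))
            return marker in fh.read().lower()
    except OSError:
        return False  # unreadable or vanished file: skip, do not abort the sweep


def sweep(root):
    """Map each directory under `root` to (tagged, total) file counts."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        tagged = sum(has_marker(os.path.join(dirpath, f)) for f in files)
        if files:
            report[os.path.relpath(dirpath, root)] = (tagged, len(files))
    return report


def demo():
    """Constructed sample tree: one intact share, one partly tagged backup."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "share/report.docx": b"plain document bytes",
            "backup/db.bak": b"\x00" * 2000 + b"NETFILIM",
            "backup/notes.txt": b"netfilim mentioned early" + b"\x00" * 2000,
        }
        for rel, data in samples.items():
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(data)
        return sweep(root)


if __name__ == "__main__":
    for folder, (tagged, total) in sorted(demo().items()):
        print(f"{folder}: {tagged}/{total} files carry the marker")
```

A file that only mentions the string early in its content (the constructed `notes.txt`) is not counted, which keeps ordinary documents about the incident out of the tally.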

    Netfilim Operator’s Campaign in Full Swing

    The attacks are random and aimed at firms from diverse sectors. Australia-based logistics behemoth Toll Group was also a victim of the campaign in May, when the attackers successfully breached a Toll Group server. The firm stood its ground and refused to “settle” with the group.

    While speaking about the breach back in May, the Toll Group had this to say: “after detecting this attack, we shut down our IT systems to mitigate the risk of further infection. Toll has refused to engage with the attacker’s ransom demands, which is consistent with the advice of cybersecurity experts and government authorities. Our ongoing investigations have established that the attacker has accessed at least one specific corporate server. This server contains information about past and present Toll employees, and details of commercial agreements with some of our current and former enterprise customers. The server in question was not designed or developed as a repository for customer operational data.” The firm’s “key online systems” are gradually being restored. Noting the refusal by Toll Group, the hackers went ahead and released cached data on the dark web.

    With security systems being compromised daily, precautionary steps are advisable to guarantee that the hackers gain no access to networks. The U.K. cybersecurity firm, NCSC, took the initiative and updated its “guidance”, prompted by the numerous incidents where ransomware has encrypted not only the original data on disk but also connected USB and network storage drives holding data backups.

    So far, damages to systems have been irreversible.

     
