    Sodinokibi ransomware operators leak files stolen from Electrical middleman, Elexon

    Elexon, a go-between in the UK power grid network, was the victim of a cyber attack in May. Its systems had been infected with the Sodinokibi ransomware.

    Elexon is an electricity-regulating company that regulates electricity quota and applies it around the network according to demand.

    A post published by The Telegraph reads: “hackers have targeted a critical part of the UK’s power network, locking staff out of its systems and leaving them unable to send or receive emails.”

    This hack affected the company’s internal IT network, along with employees’ laptops and email servers. However, it spared the system responsible for the UK electricity transit, BSC Central Systems, and EMR.

    After taking down email servers in response to the attack, the company released a message declaring that it had located the root cause of the incident and was working to restore the internal network and employee laptops.

    Two weeks after the declaration, the Sodinokibi operators published the stolen data on their leak site: a total of 1,280 files, including the passports of Elexon staff members and an apparent business insurance application form.

    Sodinokibi disclosed the stolen data because Elexon refused to pay the ransom, instead heightening security and restoring operations from backups.

    In response to the attack, experts from the security firm Bad Packets reported that, although the exploited vulnerability has not been confirmed, Elexon was running an outdated version of Pulse Secure VPN Server, which was at risk of compromise by threat actors.

    According to the company’s post on its website, “we are advising you that a cyber attack has impacted today, ELEXON’s internal IT systems. BSC Central Systems and EMR are currently unaffected and working as normal. The attack is to our internal IT systems and ELEXON’s laptops only. We are currently working hard to resolve this. However, please be aware that we are unable to send or receive any emails at the moment.”

    Sodinokibi seems to be targeting random companies. Apart from Elexon, it has also claimed to have stolen information from the law firm Grubman Shire Meiselas and Sacks. GSMLaw deals with several celebrities, including Timbaland, Elton John, Nicki Minaj, Robert de Niro, Madonna, Chris Brown, Usher, etc.

    Sodinokibi isn’t the only ransomware group engaged in this kind of blackmail. Other groups involved in this act include DoppelPaymer, Maze, Nefilim, Nemty, RagnarLocker, and NetWalker.
