
    Sodinokibi ransomware operators leak files stolen from electrical middleman Elexon

    Elexon, a go-between in the UK power grid network, was the victim of a cyber attack in May. Its systems had been infected with the Sodinokibi ransomware.

    Elexon is an electricity-regulating company: it regulates electricity quotas and applies them around the network according to demand.

    A post published by The Telegraph reads: “hackers have targeted a critical part of the UK’s power network, locking staff out of its systems and leaving them unable to send or receive emails.”

    This hack affected the company’s internal IT network, along with employees’ laptops and email servers. However, the attackers spared the system responsible for the UK electricity transit, BSC Central Systems, and EMR.

    After taking down email servers in response to the attack, the company released a message declaring that it had located the root cause of the incident and was working to restore the internal network and employee laptops.

    Two weeks after the declaration, the Sodinokibi operators published the stolen data on their leak site: a total of 1,280 files, including the passports of Elexon staff members and what appears to be a business insurance application form.

    Sodinokibi disclosed the stolen data because Elexon refused to pay the ransom, instead heightening security and restoring operations from backups.

    In response to the attack, experts from the security firm Bad Packets reported that, although the compromised vulnerability has not been confirmed, Elexon was running an outdated version of Pulse Secure VPN Server, which was at risk of compromise by threat actors.

    According to the company’s post on its website, “we are advising you that a cyber attack has impacted today, ELEXON’s internal IT systems. BSC Central Systems and EMR are currently unaffected and working as normal. The attack is to our internal IT systems and ELEXON’s laptops only. We are currently working hard to resolve this. However, please be aware that we are unable to send or receive any emails at the moment.”

    Sodinokibi seems to be targeting random companies. Apart from Elexon, it has also claimed to have stolen information from the law firm Grubman Shire Meiselas and Sacks. GSMLaw deals with several celebrities, including Timbaland, Elton John, Nicki Minaj, Robert De Niro, Madonna, Chris Brown, Usher, etc.

    Sodinokibi isn’t the only ransomware group engaged in this kind of blackmail. Other groups involved in this act include DoppelPaymer, Maze, Nefilim, Nemty, RagnarLocker, and NetWalker.
