
"Google says hackers associated with a prolific ransomware group are sending extortion emails to executives at "numerous" large organizations after claiming to have stolen their sensitive information from a suite of business software products developed by Oracle. In a statement provided to TechCrunch, Google's head of cybercrime analysis Genevieve Stark said the hackers began sending emails to executives around September 29, but that the tech giant has not yet substantiated the hackers' claims."
"The emails were sent from hundreds of compromised accounts, including one used by a known financially motivated cybercrime group affiliated with the Clop ransomware gang. Charles Carmakal, the chief technology officer of Google's incident response unit Mandiant, told TechCrunch that the malicious emails sent to executives contained contact addresses that are listed on Clop's data leak site, which the hackers use to pressure victims into paying them to remove their stolen files."
Google reported that hackers began sending extortion emails to executives around September 29, claiming to have stolen sensitive information from Oracle E-Business Suite. The emails originated from hundreds of compromised accounts, including one tied to a financially motivated group affiliated with Clop. Mandiant noted that the messages contained contact addresses listed on Clop's data leak site used to pressure victims. Clop has exploited zero-day vulnerabilities to breach hundreds of companies, leading to theft of data on at least tens of millions of people. Bloomberg reported a $50 million demand in one case. Attackers used compromised emails and abused default password-reset functions to gain credentials for internet-accessible Oracle E-Business Suite web portals.
Read at TechCrunch