Connect with us

Conti ransomware stole 1.7 TB of data from JVCKenwood

Published

on

The group demanded from the company $ 7 million for data recovery.

Conti ransomware hacked into the servers of the Japanese electronics manufacturer JVCKenwood Group and stole 1.7 TB of data. Now the group is demanding $ 7 million from the company for data recovery.

In a press release on their website JVCKenwood confirmed incident without going into details. As indicated, the attack on the servers took place on September 22 this year and “may have led to a data leak.” JVC Kenwood did not elaborate on what kind of cyberattack we are talking about.

The company also noted that at the moment there is no evidence of customer data leakage. Investigation into the incident is ongoing.

Judging by the ransom notice that was at the disposal of the media, the organizer of the cyberattack is the extortionist group Conti. According to the note, the attackers stole 1.7 TB of data from the company, and JVCKenwood is required to pay $ 7 million to recover the information. As proof of the theft, the group provided a scan of the passport of a JVCKenwood employee.

After that, negotiations between Conti and representatives of the Japanese manufacturer ended. It is possible that the company decided not to pay the ransom.

Last week, the Conti group attacked GSS, the Latin American and Spanish division of Covisian, disrupting most of its IT systems. As a result of the cyberattack, call centers and automated telephone customer support services for companies and government agencies in Spain and Latin America were unavailable.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Security

Hackers hacked Trump’s social network prior to launch

Published

on

A few hours after the launch was announced, the attackers created an account on behalf of Trump and posted obscene notes to the address of the founder of another social network.

The social network of ex-US President Donald Trump Truth Social, the creation of which he announced the day before, was subjected to a hacker attack. Writes about this The New York Times (NYT).

The cybercriminals claim that a few hours after the announcement of the creation of TRUTH Social, they were able to gain access to the beta version of the platform. Cybercriminals created fake accounts on behalf of Trump and his former aide Steve Bannon. On the fake page of the ex-President of the United States, they posted a photo of a defecating pig and obscene remarks about the founder of Twitter Jack Dorsey.

The developers had to delete these accounts and close access to the site. Its official release was scheduled for 2022.

The hackers chose to hide their identities, but claim to be associated with the Anonymous group. According to them, the hacking of the social network was part of their “war against hate.” They also wanted to have fun.

Continue Reading

Security

Olympus was attacked by ransomware for the second time in two months

Published

on

The company was attacked by Macaw ransomware developed by Evil Corp.

Japanese tech giant Olympus fell victim to ransomware for the second time in two months. This time, the attack was carried out by the cybercriminal group Evil Corp, against which the US government has imposed sanctions.

The attack on Olympus using a new variant of malware called Macaw began on October 10, 2021. The malware encrypted company systems in the United States, Canada and South America.

Macaw is a variant of WastedLocker ransomware, and both are developed by the cybercriminal group Evil Corp.

This is the second ransomware attack on Olympus in the past two months. The first incident took place in September, when the company’s networks in Europe, the Middle East and Africa were encrypted with BlackMatter ransomware (BlackMatter and Evil Corp. are not related).

“Olympus was attacked by BlackMatter last month and a week or so by the Macaw,” Allan Liska, an analyst at information security firm Recorded Future, told TechCrunch.

According to Liska, the ransomware Macaw left a ransom note on the compromised computers with a data theft statement.

According to the official press release Olympus, the company is investigating “possible data breaches” – a known technique of the so-called “double extortion” in which ransomware steals data from their victims and threatens to publish it if the ransom is not paid.

The company does not provide details about the incident, citing an ongoing investigation.

Continue Reading

Security

Scientists have learned to track gadgets using BLE signals

Published

on

Devices can be tracked by prints of their physical characteristics.

In the past few years, mobile devices have become more likely to use the Bluetooth Low Energy (BLE) protocol to transfer messages, which can pose a significant privacy risk, experts at UC San Diego warn.

Within the framework of research they examined the implementation of BLE in a number of popular models of smartphones, laptops and gadgets and found that devices can be traced back to their physical characteristics. The bottom line is that devices can have a unique fingerprint that can be used to determine where they were and when.

BLE messaging has become more common in phones, laptops, smartwatches and other gadgets due to the support of operating devices for functions such as Apple Continuity or Find My, which imply the use of the BLE standard.

Typically, applications using this protocol try to hide identifiable data by encrypting the device’s MAC address, but this does not help to hide the built-in hardware characteristics of the device, based on which it can be identified.

Experts have tested their theory on several devices, including the iPhone 10, Thinkpad X1 Carbon (Windows), MacBook Pro 2016 (macOS), Apple Watch 4 (watchOS), Google Pixel 5 (Android), and Bose QuietComfort 35. In most cases, they were able to get a fingerprint of the physical BLE chip and distinguish one device from another.

In the course of the study, the scientists faced some difficulties, for example, it turned out to be more difficult to distinguish devices operating on the same chipset model than to distinguish gadgets based on different chips. The device’s ability to identify was also influenced by its temperature and signal transmission power.

Using special equipment, the researchers intercepted BLE signals from 162 devices in public places and were able to identify 40% of them. In addition, the group recorded BLE signals from bystanders’ devices with COVID-19 tracking apps from Apple and Google for two days for 10 hours. Scientists managed to “uniquely identify” 47.1% of 647 MAC addresses.

In theory, the method can be used to track the Apple AirTag and Samsung SmartTag Plus Bluetooth trackers, the researchers noted.

Continue Reading

Most Popular