Russian ransomware group reportedly behind Olympus attack
Sources claim the camera giant has been attacked by the Macaw malware
A supposed ongoing ransomware operation against camera giant Olympus is the work of the notorious Russia-based Evil Corp, according to reports.
Based on information from two anonymous sources with knowledge of the incident, TechCrunch says the attack was caused by the Macaw malware, a variant of the WastedLocker malware, both of which are created by Evil Corp.
The ongoing campaign, which began on October 10, and has encrypted Olympus’ systems in the US, Canada and Latin America, follows an earlier BlackMatter-orchestrated attack on the camera giant in September that encrypted its infrastructure across the European, Middle East and Africa regions.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
- These are the best endpoint protection tools
- Here's our choice of the best ransomware protection tools
- We’ve put together a list of the best malware removal software
While Olympus has acknowledged that the October 10 “incident” has caused disruptions, it hasn’t commented on the nature of the attack.
Repeat victims
However, Olympus’ statement inadvertently hints to the fact that it has possibly been attacked by ransomware.
“The nature and scope of the incident is under further investigation and we continue to learn additional details, including the likelihood of data exfiltration,” read the statement.
Data exfiltration is part of the double-extortion strategy employed by most ransomware operatives, who, in addition to encrypting their victim’s files, also extract a copy of the sensitive ones, which they threaten to release to their competitors.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Allan Liska, a senior threat analyst at security firm Recorded Future, told TechCrunch that the Macaw malware leaves behind a ransom note on hacked computers that claims to have stolen data from its victims, lending credence to the claims of the anonymous sources.
Unlike Olympus, the Sinclair Broadcast Group, which owns or operates 185 television stations across more than 80 markets, did acknowledge last week that the Macaw malware led to severe disruptions.
- Protect your devices with these best antivirus software
Via TechCrunch
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.