BreachExchange mailing list archives
Australian company Jands appears to have been hit by Windows ransomware
From: Destry Winant <destry () riskbasedsecurity com>
Date: Fri, 4 Sep 2020 08:56:09 -0500
https://www.itwire.com/security/australian-company-jands-appears-to-have-been-hit-by-windows-ransomware.html Cyber criminals appear to have used the Windows NetWalker ransomware to attack the website of Australian firm Jands, which distributes some leading audio, lighting and staging brands for installation, production and retail industries throughout Australia and New Zealand. The people behind the attack have posted a screenshot of data stolen from Jands on their website. Going by that, what seems to have been stolen is financial data, customer details and other miscellaneous data. Jands has been in business since 1970 and is based in Mascot, NSW. NetWalker has not been used in many attacks recently. One attack of note was on Forsee Power, a company that designs and manufactures smart lithium-ion battery systems for electro-mobility markets. Another was an attack on Trinity Metro, a regional transportation authority of the state of Texas. Prior to that the University of California in San Francisco admitted it paid US$1.14 million to a gang that used NetWalker to attack its systems. A fourth case was that of Australian customer experience firm Stellar, that also operates across Asia, North America and Africa. iTWire has contacted Jands for comment. Brett Callow, a ransomware threat researcher who works for the New Zealand-headquartered security firm Emsisoft, said NetWalker was a sophisticated ransomware-as-a-service operation that mainly targeted enterprise-space companies. "It only accepts affiliates with proven access to enterprise-space networks," he added. "Like other groups, NetWalker uses a range of attack vectors including phishing and RDP." _______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- Australian company Jands appears to have been hit by Windows ransomware Destry Winant (Sep 04)