BI.ZONE: Sneaking Leprechaun attacked over 30 organizations in Russia and Belarus
The group hacked servers and penetrated the infrastructure of organizations.
BI.ZONE specialists discovered a series of unusual attacks organized by the Sneaking Leprechaun group, which targeted over 30 organizations in Russia and Belarus. Unlike in typical ransomware attacks, the attackers followed a new scenario to gain access to companies’ systems.
BI.ZONE researchers found that the attackers exploited vulnerabilities in outdated versions of popular platforms such as Bitrix, Confluence, and Webmin installed on servers running Linux. After successfully infiltrating a system, the criminals established a foothold in it using their own malicious software.
However, instead of the traditional data encryption followed by a ransom demand, the hackers took a more cunning approach. They stayed unnoticed and manually analyzed the copied data, selecting what they considered valuable. After that, the attackers contacted the victim company and provided evidence that they had compromised its information. Only then did they make ransom demands, threatening to release the data to the public.
According to BI.ZONE experts, Sneaking Leprechaun has attacked more than 30 organizations in Russia and Belarus over the past year. The main category of victims was companies involved in the development and integration of software. The victims also include organizations in industry, finance, logistics, and medicine, as well as government agencies.
Source: www.securitylab.ru