The Italians “kicked” BlackCat – the attack on Azimut did not go as smoothly as planned
500 GB of stolen data does not seem to provide any value to attackers.
Large Italian company Azimutwhich specializes in investment asset management, recently suffered a cyberattack that did not affect the confidential data of its clients, but the ransomware still issued ransom demands to the company.
According to an Israeli startup company darkfeedwhich specializes in monitoring hacker attacks, behind the attack on Azimut are hackers ALPHV (aka BlackCat), who in September a lot of data was stolen from a state-owned Italian energy firm GSE.
“The attack did not affect data or information that could allow access to the personal position of clients and financial advisers or perform unauthorized transactions,” Azimut said in a statement, however, without denying the very fact of data theft. The company only emphasized that the stolen data is of no value to attackers, and Azimut customers are not in danger.
Representatives of Azimut also received a ransom note, but they are in no way going to be led by hackers, believing that this is completely contrary to the fundamental principles and values of the company.
California company Palo Alto Networks conducted its own mini-investigation and confirmed that ALPHV/BlackCat hackers were behind the attack. The researchers studied the information published by the attackers on their leak website and found out that more than 500 GB of information was stolen from Azimut.
Azimut, which manages €85 billion in assets, promptly reported the incident to law enforcement and implemented an internal security procedure that “successfully limited the impact of criminal interference,” the statement said.
According to researchers and analysts, ALPHV/BlackCat is currently the second most active ransomware group using double ransomware tactics in their operations. At the first place still remains lockbit.