Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label 8Base Ransomware. Show all posts
Ransomware attack
8Base 8Base Ransomware corporate cyber attacks Cyber Attacks Dark Web Data Leak data security Ransomware attack

Nidec Corporation Ransomware Attack: Data Leak on Dark Web

 

In a recent disclosure, Nidec Corporation, a global leader in precision motors and automotive components, confirmed a significant data breach from a ransomware attack that occurred earlier this year. Hackers, after failing to extort the company, leaked stolen data on the dark web. This breach did not involve file encryption, but the stolen information has raised concerns for employees, contractors, and associates regarding potential phishing attacks. Nidec operates in over 40 countries and has an annual revenue exceeding $11 billion. 

The affected division, Nidec Precision, is based in Vietnam and specializes in manufacturing optical, electronic, and mechanical equipment for the photography industry. An internal investigation revealed that hackers accessed a server using stolen VPN credentials of a Nidec employee. This server contained sensitive documents, including business letters, purchase orders, invoices, health policies, and contracts. Over 50,000 files were compromised in the breach. The company responded by closing the entry point and implementing additional security measures as advised by cybersecurity experts. 

Employees are undergoing further training to reduce future risks, with Nidec notifying business partners who may have been affected. The attack was initially claimed by the 8BASE ransomware group in June, who alleged they stole personal data and a large volume of confidential information from Nidec’s systems. In July, the Everest ransomware group also published stolen data on the dark web, suggesting a connection to 8BASE and initiating a secondary extortion attempt. While Nidec has confirmed the authenticity of the stolen data, it downplayed the potential for direct financial damage to the company or its contractors. 

However, the company remains vigilant and continues to monitor for any unauthorized use of the information. This attack underlines the vulnerability of even the largest corporations to cybercriminals and the importance of robust security measures. As ransomware groups continue to evolve their tactics, companies like Nidec must ensure they are prepared to mitigate threats and protect their sensitive data. 

The Nidec breach is a stark reminder of the ongoing risks in today’s interconnected business environment. In response to this breach, Nidec has implemented stronger security protocols and is actively educating its workforce on how to mitigate cybersecurity risks moving forward.
Read more »
VMware Carbon Black
8Base 8Base Ransomware Cyber Attacks MalwareBytes Phobos RansomHouse Ransomware Ransomware group VMware Carbon Black

8Base Ransomware: Researchers Raise Concerns Over its Increased Activities


The 8Base ransomware has well maintained its covert presence, avoiding detection for over a year. Although, a recent investigation into the ransomware revealed a significant rise in its operation during the period of May and June. It has been made clear that the ransomware group has been active since at least March 2022. The threat group labels itself as “simple pentesters,” indicating a basic level of proficiency in penetration testing.

Details of the 8Base

According to a research conducted by Malwarebytes and NCC Group, as of May, the ransomware group may have been linked with a total of whopping 67 attacks. Among these cyber incidents, around half of the manufacturing, construction, and business services industries together account for around half of the affected firms. The targeted firms are primarily located in the United States and Brazil, indicating a geographic focus by the threat group. 

June saw a significant surge in ransomware activities. The fact that the offenders used a dual extortion tactic raised the stakes for their victims is notable.

A list of 35 victims who have been identified has so far been on the 8Base-affiliated dark web extortion site. There have even been occasions where up to six companies have fallen victim to the ransomware operators' nefarious activities at once on specific days.

According to the VMware Carbon Black team, based on its recent activities, and its similarities of ransom notes and content on leak sites along with identical FAQ pages, 8Base could as well be a rebranding of the popular ‘RansomHouse’ ransomware group. RansomHouse, however flexibly promotes its partnership, while 8Base does not.

It is also noteworthy that a Phobos ransomware sample was also discovered by the VMware researchers, that was utilizing the “.8base” file extension, indicating the 8Base could well be the successor of or utilizing the existing ransomware strain.

The researchers concluded that the efficient operations conducted by the 8Base ransomware group may continue to group, which could be an onset of a mature organization. However, it has not yet been made clear whether the group is based on Phobos or RansomHouse.

As for now, there are speculations on 8Base's use of various ransomware strains, whether it be in earlier iterations or as a fundamental component of its typical mode of operation. However, it is commonly known that this organization is very active, with a concentration on smaller firms as a significant target.  

Read more »
Subscribe to: Posts (Atom)