iGuRu

SoftServe ransomware victim

11/09/2020 10:00 by Anastasis Vasileiadis

Ukrainian software company and IT service provider SoftServe was attacked by ransomware on September 1, which may have led to the theft of their customers' source code.

With more than 8,000 employees and 50 offices worldwide, SoftServe is one of the largest companies in Ukraine offering software development and IT consulting services.

News of a cyber attack on SoftServe first surfaced on the Telegram channel DС8044 Kyiv Info, which shared a message allegedly sent by the company to its employees.

"Today at 1 p.m. SoftServe was attacked. The hackers have access to the company's infrastructure and managed to start ransomware encryption along with some other malware."

In a later statement on a Ukrainian technology news page, SoftServe confirmed that an attack had taken place, prompting them to disconnect their customers to prevent it from spreading.

"Yes, there was an attack today. The most important consequences of the attack are the temporary loss of functionality of a part of the mail system and the interruption of some of the auxiliary test environments. As far as we can tell, this is the biggest impact of the attack and the other systems or customer data were not affected."

"In order to prevent the spread of the attack, we have isolated certain parts of our network and restricted communication with customer networks. We are preparing a message to our customers about the situation. At the same time as resuming services, we are investigating the incident itself, so we are not prepared to comment on who exactly did it," said Adrian Pavlicevic, Senior Vice President of Informatics at SoftServe.

According to details of the SoftServe incident, the attackers exploited a DLL hijacking vulnerability in the legitimate application Rainmeter to deploy their ransomware.

Rainmeter is a legitimate Windows customization tool that loads a Rainmeter.dll at startup.

During the attack, the hackers replaced the legitimate Rainmeter.dll with a malicious version built from the application's source code.

According to VirusTotal scans, the malicious Rainmeter.dll is detected as Win32/PyXie.A.

According to a 2019 BlackBerry report, PyXie is a Python remote access trojan (RAT) known to exploit DLL vulnerabilities in other software, such as LogMeIn and Google Update.

BlackBerry researchers say they have seen evidence that this RAT has been used in ransomware attacks.
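
A replaced DLL like the one described above keeps the expected file name, so one way to notice the swap is to compare the binaries in an application's install directory against hashes recorded from a trusted install. The following Python code is an added example, not part of the original article and not code from SoftServe, Rainmeter or BlackBerry; the function names and the sample files are constructed for illustration, and it assumes a baseline was taken before any tampering.

```python
import hashlib
import tempfile
from pathlib import Path

BINARY_SUFFIXES = {".dll", ".exe"}  # file types an application loads as code

def sha256_file(path: Path) -> str:
    """Hash a file in chunks so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def snapshot(app_dir) -> dict:
    """Map lower-cased relative path -> SHA-256 for every DLL/EXE under app_dir."""
    root = Path(app_dir)
    return {
        p.relative_to(root).as_posix().lower(): sha256_file(p)
        for p in sorted(root.rglob("*"))
        if p.is_file() and p.suffix.lower() in BINARY_SUFFIXES
    }

def diff_against_baseline(app_dir, baseline: dict) -> list:
    """Return sorted (status, path) findings: 'added', 'missing' or 'modified'."""
    current = snapshot(app_dir)
    findings = []
    for name, digest in current.items():
        if name not in baseline:
            findings.append(("added", name))       # binary not in trusted install
        elif baseline[name] != digest:
            findings.append(("modified", name))    # same name, different content
    findings += [("missing", n) for n in baseline if n not in current]
    return sorted(findings)

def demo() -> list:
    """Constructed sample: a fake install directory whose Rainmeter.dll is swapped."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "Rainmeter.exe").write_bytes(b"constructed launcher bytes")
        (root / "Rainmeter.dll").write_bytes(b"constructed vendor DLL bytes")
        baseline = snapshot(root)  # assumption: recorded from a trusted install
        (root / "Rainmeter.dll").write_bytes(b"constructed replacement bytes")
        (root / "extra.dll").write_bytes(b"constructed dropped file")
        return diff_against_baseline(root, baseline)

if __name__ == "__main__":
    for status, name in demo():
        print(f"{status:9} {name}")
```

The baseline has to be stored somewhere the application's own account cannot write, otherwise whoever replaces the DLL can update the recorded hash as well.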

SoftServe ransomware victim was last modified: 11 September, 2020, 10:00 am by Anastasis Vasileiadis
