Η Canon υπέστη επίθεση από ransomware που επηρεάζει πολλές services, όπως το email της Canon, το Microsoft Teams, τον ιστότοπο της εταιρείας στις ΗΠΑ, την υπηρεσία αποθήκευσης φωτογραφιών, το βίντεο cloud και άλλες εσωτερικές εφαρμογές.
Η συγκεκριμένη επίθεση έχει σαν αποτέλεσμα την απώλεια δεδομένων για τους users της δωρεάν δυνατότητας αποθήκευσης των 10 GB.
According to a company announcement released on subdamain image.canon, Canon's services ceased operations on July 30, 2020 for six days. The subdamain image.canon started displaying status updates from yesterday, August 4th.
Ωστόσο, η τελευταία information κατάστασης ήταν παράξενη καθώς αναφέρει ότι ενώ τα δεδομένα χάθηκαν, “δεν υπάρχει κάποια διαρροή δεδομένων εικόνας.”
Today, the BleepingComputer he says that Canon "is experiencing widespread system issues affecting many applications, groups, emails and other systems that may not be available at this time."
From this particular shutdown, the Canon USA website displays errors if you try to log in, as shown in the image below:
BleepingComputer also published a screenshot that supposedly shows the ransom note, and as it mentions it is a Maze ransomware.
Σύμφωνα με την BleepingComputer οι hackers ισχυρίζονται ότι έχει κλέψει 10 TB δεδομένα από την Canon, “10 terabyte δεδομένων, ιδιωτικές fundamentals δεδομένων κλπ.”
When they came in contact with the hacker he refused to give further information about the attack, such as the amount of ransom he is asking for, a proof of the stolen data and the extent of the attack.
Maze ransomware targets businesses, which is secretly distributed through a network, until it gains access to an administrator account and the Windows domain controller of the system.
During this process, the malware steals unencrypted files from servers and backups. He uploads the stolen files to his own servers.
Once it has collected anything of value ransomware starts running all over the network to encrypt all the devices.
If the victim does not pay the ransom, the hacker behind the attack will publicly release the stolen victim files.
Maze ransomware has hit many other high-profile victims in the past, including LG, Xerox, Conduent, MaxLinear, Cognizant, Chubb, VT San Antonio Aerospace, City of Pensacola, Florida and more.
