Ransomware, Data Security, Privacy

Akira ransomware claims attack against Lush

Share

Major British cosmetics retailer Lush was claimed to have been compromised by the Akira ransomware operation, The Register reports. More than 100 GB of data were exfiltrated from Lush, including employees' personal documents such as passport scans, as well as files about the company's projects, finances, taxes, accounting, and clients, according to Akira ransomware. However, there has not been any indication that customer data has been impacted. Such claims by Akira have not yet been responded to by Lush, which previously noted that it had begun investigating a cybersecurity incident that disrupted its operations. "It is unclear if this was a ransomware attack or simple extortion as Sophos Incident Response Services has observed this crew to engage in either or both activities with their victims. If it was extortion without an encryption component this could be why there has been no visible external disruption to Lush's operations," said Sophos Director and Global Field Chief Technology Officer Chester Wisniewski.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Related

Novel WolfsBane backdoor leveraged in Chinese attacks against Linux systems

Attacks with Wolfsbane commence with the deployment of the 'cron' dropper delivering the KDE desktop component-spoofing launcher, which deactivates SELinux and alters user configuration files before triggering the privacy malware component that has file operation, data theft, and system manipulation command support, an analysis from ESET revealed.

ONNX phishing-as-a-service operation disrupted

Organizations in the financial services sector have been primarily targeted by the ONNX, whose Telegram-based operations had been cut off following a court order that allowed Microsoft to transfer the PhaaS platform's infrastructure to its servers, according to Microsoft Digital Crimes Unit Assistant General Counsel Steven Masada.

Related Events

Related Terms

AuthenticityBlock CipherChecksumCiphertextCryptographic Algorithm or HashCryptographic Hash FunctionsCyclic Redundancy Check (CRC)Data Loss Prevention (DLP)Data WarehousingDigital Certificate

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.