Abuse.ch cybersecurity experts: Corporate web proxy operators should block outgoing network traffic towards api.telegram.org. The malware until now exploited FTP or SMTP.
Ransomware attacks against companies are on the rise. A cybercrime malware forced Boardriders to shut down computing systems all over the world
Ransomware attacks against companies are on the rise. Quiksilver and Billabong, two of Boardriders’ brands, have been hit by cybercrime malware that forced the company to shut down computing systems all over the world. As a result, messages appeared on several of the company’s e-commerce sites globally, saying that it was experiencing delays and offering shoppers 20% off orders. Boardriders then released a statement to Shop-Eat-Surf explaining that recently it “was exposed to an increasingly common computer virus that impacted some of our systems in some regions. Our IT teams have been working to quickly restore our systems to support our operations, which are now largely transacting and shipping normally”. The company didn’t explain which kind of cyber attack it suffered but, according to Bleeping Computer, sources familiar with the matter said that it was affected by ransomware. The attack occurred during the last week of October 2019.
Everis (hit by BitPaymer), NTT DATA and Cadena SER also suffered the same fate
Cybercrime recently hit other big targets with ransomware: Everis, one of Spain’s largest managed service providers (MSP) and an NTT DATA company, had its computers encrypted last Monday with BitPaymer. “The network has been disconnected with clients and between offices. We will keep you updated. Please, send urgently the message directly to your teams and colleagues due to standard communication problems,” Everis said in an internal memo at the time. Furthermore, Spain’s largest radio station, Cadena SER (Sociedad Española de Radiodifusión), was impacted the same day in an attack that used an unknown ransomware strain. After the attack, the radio station was also forced to disconnect all of its computers from the Internet and to continue transmitting using equipment at its Madrid headquarters. Spain’s Department of National Security (Departamento de Seguridad Nacional) and INCIBE (Instituto Nacional de Ciberseguridad) confirmed the malware attack against Cadena SER.