HomesecuritySangoma was attacked by Conti ransomware

Sangoma was attacked by Conti ransomware

Sangoma has uncovered a data breach after stealing files during a recent Conti ransomware attack.

Sangoma is a provider of "voice over IP hardware" and software for the popular FreePBX PBX open source telephone system that allows organizations to set up a low cost corporate telephone system in network their.

Accounts

Yesterday, the Conti ransomware gang posted more than 26 GB of data on the ransomware leak site that was stolen by Sangoma during the recent attack on cyberspace. This leaked data includes files related to accounting, finance, acquisitions, benefits and salaries of workers and the legal documents of the company.

Accounts

Today, Sangoma confirmed that the ransomware attack resulted in data breaches following the publication of online private and confidential company information and employees her.

Sangoma Technologies Corporation (TSXV: STC) (or "Sangoma") announced that as a result of a ransomware cyber attack on one of their servers of the company, were published online privately and confidentially yesterday data owned by the company, ”he said in an advisory.

In attacks against software developers, there is always the concern that their products have been modified to deliver malware in supply chain attacks, as has been the case with the recent cyber attack of Solarwinds.

In the data breach disclosure, Sangoma assures its customers and users that there is no indication that customer or products Sangoma have been violated because of this attack.

"There is no initial indication that customer accounts have been compromised, nor that Sangoma products or services have been affected as a result of this violation. While the research continues and with great care, the company recommends to customers to change them passwords ", the company stated in the advisory.

The ransomware company behind this attack is known as Conti, which was first identified in individual attacks in late December 2019, with the attacks gradually increasing from June 2020.

This ransomware shares code with Ryuk Ransomware and is known to be distributed by trojan TrickBot.

Conti 's attackers violate corporate networks and spread sideways until they gain access to domain admin credentials to develop ransomware payloads used for encryption of devices.

Conti hackers released their own data leak site by posting them date twenty-six victims in August 2020 after operating as a private company Ransomware-as-a-Service (RaaS) which hires experienced hacker to develop ransomware in exchange for large percentages money by ransom that gathers.

Source of information: bleepingcomputer.com

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Teo Ehc
Teo Ehchttps://www.secnews.gr
Be the limited edition.
spot_img

LIVE NEWS