Software AG appears to have been hit by the ransom, and the German IT giant itself claimed that the country’s stock market had been hit by a malware attack.
In an announcement for the German trade fair published at the beginning of the week, Software AG stated that its IT infrastructure has been operational since the evening of the third day. October 2020 exposed to a malware attack.
The news of the malicious attack is slowly filtered out in English, although the German news agency published a small article last night that was broadcast on obscure investment sites.
The report also indicates that the data was downloaded from Software AG’s servers and employees’ laptops.
Although customer services, including cloud computing services, are not affected by this situation, which explains why Software AG has shut down its internal systems in a controlled manner in accordance with the company’s internal security rules, the company’s opinion has been made public.
The Company is in the process of restoring its systems and data in order to resume normal operations. However, Software AG’s technical support and internal communications remain at risk.
He went on to say: Software AG is not aware that the customer data has been accessed by a malware attack.
The Registry has requested a statement from Software AG. At the time of writing, on the main page of the company, visitors refer to important customer information, but only for technical questions that need to be confirmed with our online support system, although with a link to the exhibition overview.
At least one customer didn’t seem to know what was going on:
@SoftwareAG Problems with the documentation page? I haven’t had access to it for a few days, the answer is connection time.
– Graham Raduga (@zippygwr) 9. October 2020
Screenshots from the cybercriminal buyout website that El Reg saw included scans of employee passports, internal invoices and seemingly internal folders on a Windows-based system. The names of the folders suggest that the content may refer to Software AG customers in the United States and Canada.
Brett Callow, a threat analyst at Emsisoft, a ransom company, told the Registry that the version of the Clop ransom software allegedly used in the attack was relatively new.
Double team for the attack on a German hospital that resulted in the death of patient
LEARN MORE
Clop is a variant of CryptoMix and can be used by the group behind the Dridex bank. Like REvil and NetWalker, it is mainly used to work with corporate networks, with known victims in the past, including celebrities and ExecuPharm. Bug’s claims could run into millions.
He generally talked about the dark world of salvation, Callow said: In 2018, the average receivable was $5,000. Most of the victims were small businesses. Today, the average claim is between $150,000 and $250,000, with multi-million dollar claims increasingly becoming the norm and victims, including multinational corporations, governments and hospitals. As a result, criminals are better equipped and more motivated than ever.
It supported growing demand and came to the conclusion, as we have said before, that the only way to stop this escalation and silence this multi-billion dollar industry behind our backs is to prohibit the payment of compensation. When the source of income dries up, the attacks dry up.
We are aware that the claim against Software AG is in the millions of dollars, and we will update this article when the company provides more detailed information. ®
Related Tags:
software ag attack,clop ransomware,software ag stock