Russian ransomware group reportedly behind Olympus attack

Sources claim the camera giant has been attacked by the Macaw malware

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A supposed ongoingransomwareoperation against camera giantOlympusis the work of the notorious Russia-based Evil Corp, according to reports.

Based on information from two anonymous sources with knowledge of the incident,TechCrunchsays the attack was caused by the Macawmalware, a variant of theWastedLocker malware, both of which are created by Evil Corp.

The ongoing campaign, which began on October 10, and has encrypted Olympus’ systems in the US, Canada and Latin America, follows anearlier BlackMatter-orchestrated attackon the camera giant in September that encrypted its infrastructure across the European, Middle East and Africa regions.

We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.

Click here to start the survey in a new window«

WhileOlympus has acknowledgedthat the October 10 “incident” has caused disruptions, it hasn’t commented on the nature of the attack.

Repeat victims

However, Olympus’ statement inadvertently hints to the fact that it has possibly been attacked by ransomware.

“The nature and scope of the incident is under further investigation and we continue to learn additional details, including the likelihood of data exfiltration,” read the statement.

Data exfiltration is part of the double-extortion strategy employed by most ransomware operatives, who, in addition to encrypting their victim’s files, also extract a copy of the sensitive ones, which they threaten to release to their competitors.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Allan Liska, a senior threat analyst at security firm Recorded Future, toldTechCrunchthat the Macaw malware leaves behind a ransom note on hacked computers that claims to have stolen data from its victims, lending credence to the claims of the anonymous sources.

Unlike Olympus, the Sinclair Broadcast Group, which owns or operates 185 television stations across more than 80 markets, didacknowledge last weekthat the Macaw malware led to severe disruptions.

ViaTechCrunch

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

This new phishing strategy utilizes GitHub comments to distribute malware

Smeg Combi Steam Oven review: a multi-functional countertop oven that looks stunning and cooks well