Cyber crime officers at Leicestershire Police alerted us to a ransomware threat which targets vulnerabilities in SonicWall devices, with a local business being hit.
This comes after the Cybersecurity and Infrastructure Security Agency (CISA) warned of threat actors targeting "a known, previously patched, vulnerability" found in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life firmware, as reported by Bleeping Computer recently.
But what does this mean?
Well, the US federal agency added that the attackers can exploit this security vulnerability as part of a targeted ransomware attack.
SonicWall had issued an "urgent security notice" warning customers via email of the "imminent risk of a targeted ransomware attack."
The CISA urges users and administrators to review the SonicWall security notice and upgrade their devices to the latest firmware or immediately disconnect all end-of-life appliances.
Hello HelloKitty?
CISA and SonicWall did not reveal the identity of the threat attackers behind these attacks, but Bleeping Computer was told by a source in the cybersecurity industry that the HelloKitty ransomware group has been exploiting the vulnerability for the past few weeks.
Cybersecurity firm CrowdStrike also confirmed to BleepingComputer that the ongoing attacks are attributed to multiple threat actors, including HelloKitty.
HelloKitty are not to be confused with the supercute fictional character produced by the Japanese company Sanrio, HelloKitty in this sphere is a human-operated ransomware operation active since November 2020, mostly known for encrypting the systems of CD Projekt Red and claiming to have stolen Cyberpunk 2077, Witcher 3, Gwent, and other games' source code.
So to reiterate, the CISA are urging users and administrators to review the SonicWall security notice and upgrade their devices to the latest firmware or immediately disconnect all end-of-life appliances.
Reporting
Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).
Comentarios