With the arrival of 2022, ransomware operators are back in business. It had only been a week into the new year when investigators administered a notification about the newly discovered Lapsus$ ransomware.
What's the latest?
- During the New Year's holiday, Impresa, Portugal's largest media conglomerate, was infected with the new Lapsus$ ransomware.
- The gang claimed responsibility for the attack by defacing all Impresa websites with a ransom note.
- The attack, however, had no effect on radio or cable television broadcasts.
- While the company has reclaimed control of many of its impacted sites, the gang claims to still have access to company resources.
The overall picture
- The Lapsus$ group had hacked several other organizations since its discovery in December 2021.
- This included an attack on the websites of Brazil's Ministry of Health, which resulted in the loss of COVID-19 vaccination data for millions of citizens.
- Claro and Embratel, two South American telecommunications companies, were the other two victims.
For cybercriminals, ransomware is a lucrative business. It's working and it's paying off. With each passing year, threat actors become more creative in their extortion and propagation techniques, posing a significant threat to organizations. Instead of becoming a sitting duck for such threats, organizations must strengthen their cybersecurity posture by implementing a robust backup process and detection measures for malicious activities.
Airzero Sec is leading the way in innovation to help you overcome your most difficult security challenges. If you have any questions about newly discovered Lapsus$ ransomware targets, please contact us.
Author - Johnson Augustine
Ethical Hacker and Data Security Researcher
Founder: Airo Global Software Inc
LinkedIn Profile: www.linkedin.com/in/johnsontaugustine/