Google security researchers say hackers targeting company executives with extortion have stolen data from “dozens of organizations,” one of the first signs that the hacking campaign may be extensive.
The technology giant said on Thursday in a statement shared with TechCrunch that the Clop extortion gang has exploited multiple security vulnerabilities in Oracle’s E-Business Suite software to steal significant amounts of data from affected organizations.
Oracle’s E-Business Suite software allows companies to run their operations, such as storing their customers’ data and their employees’ human resources records.
Google said in a corresponding blog post that the hacking campaign targeting Oracle customers dates back to at least July 10, about three months before the hacks were detected.
Oracle admitted earlier this week that the hackers behind the extortion campaign were still abusing its software to steal personal information about company executives and their companies. Days earlier, Oracle’s security chief, Rob Duhart, claimed in the same post (since removed) that the extortion campaign was linked to previously identified vulnerabilities that Oracle had patched in July, indicating that the hacks were over.
But in an advisory posted over the weekend, Oracle said the zero-day bug, so called because Oracle had no time to fix it as hackers were already exploiting it, “could be exploited over a network without the need for a username and password.”
The Russia-linked Clop extortion gang has made a name for itself in recent years for mass-hacking campaigns, often involving the abuse of vulnerabilities that were unknown to the software vendor at the time they were exploited, to steal large amounts of corporate and customer data. This includes managed file transfer tools, such as Cleo, MOVEit and GoAnywhere, which companies use to send sensitive corporate data over the internet.
Google’s blog post includes email addresses and other technical details that network defenders can use to search for extortion emails and other indications that their Oracle systems may have been compromised.
