Software AG Data Released After Clop Ransomware Strike – Report

2020-10-13 18:57

Clop and the group's signature malware has struck again - this time hitting a giant target in the form of German software conglomerate Software AG. The company isn't paying a mammoth $23 million ransom, and over the weekend it confirmed that the crooks were releasing company data, according to reports.

The company released a statement on October 5 publicly announcing the attack, adding, "While services to its customers, including its cloud-based services, remain unaffected, as a result, Software AG has shut down the internal systems in a controlled manner in accordance with the company's internal security regulations," the statement read. But that assessment turned out to be prematurely rosy.

"Today, Software AG has obtained first evidence that data was downloaded from Software AG's servers and employee notebooks," the company said in its follow-up statement.

"This recent attack against Germany's Software AG is one of the largest ransomware attacks, but it will certainly not be the last. Even with a complete security stack and a mature security operations team, organizations can still be vulnerable. The best we can do is keep our defenses up to date, including behavioral analytics tools that can identify new attack vectors, and educate our users to reduce the attack surface."

MalwareHunterTeam shared excerpts from the ransom note sent by Clop to Software AG, which included the warm greeting, "HELLO DEAR SOFTWARE AG." The ransom note continued more ominously, "If you refuse to cooperate, all data will be published for free download on our portal".

News URL

https://threatpost.com/software-ag-data-clop-ransomware/160042/

#ransomware #report