Security News > 2021 > January > IObit forums hacked in widespread DeroHE ransomware attack
Windows utility developer IObit was hacked over the weekend to perform a widespread attack to distribute the strange DeroHE ransomware to its forum members.
Over the weekend, IObit forum members began receiving emails claiming to be from IObit stating that they are entitled to a free 1-year license to their software as a special perk of being a forum member.
Based on reports at IObit's forum and other forums [1, 2], this is a widespread attack that targeted all forum members.
Of particular interest, the Tor site states that IObit can send $100,000 in DERO coins to decrypt all victims, as the attackers blame IObit for the compromise.
To create the fake promotion page and host a malicious download, the attackers likely hacked IObit's forum and gained access to an administrative account.
Updated 01/19/20: A security researcher known as Ronny told BleepingComputer IOBit is using vBulletin 5.6.1 for their forum software.
News URL
Related news
- JPCERT shares Windows Event Log tips to detect ransomware attacks (source)
- Ransomware attack forces UMC Health System to divert some patients (source)
- Over 4,000 Adobe Commerce, Magento shops hacked in CosmicSting attacks (source)
- Underground ransomware claims attack on Casio, leaks stolen data (source)
- Casio confirms customer data stolen in a ransomware attack (source)
- Schools bombarded by nation-state attacks, ransomware gangs, and everyone in between (source)
- BianLian ransomware claims attack on Boston Children's Health Physicians (source)
- Microsoft: Ransomware Attacks Growing More Dangerous, Complex (source)
- Tech giant Nidec confirms data breach following ransomware attack (source)
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)