Security News > 2021 > January > IObit forums hacked in widespread DeroHE ransomware attack
Windows utility developer IObit was hacked over the weekend to perform a widespread attack to distribute the strange DeroHE ransomware to its forum members.
Over the weekend, IObit forum members began receiving emails claiming to be from IObit stating that they are entitled to a free 1-year license to their software as a special perk of being a forum member.
Based on reports at IObit's forum and other forums [1, 2], this is a widespread attack that targeted all forum members.
Of particular interest, the Tor site states that IObit can send $100,000 in DERO coins to decrypt all victims, as the attackers blame IObit for the compromise.
To create the fake promotion page and host a malicious download, the attackers likely hacked IObit's forum and gained access to an administrative account.
Updated 01/19/20: A security researcher known as Ronny told BleepingComputer IOBit is using vBulletin 5.6.1 for their forum software.
News URL
Related news
- Surge in Magniber ransomware attacks impact home users worldwide (source)
- Keytronic reports losses of over $17 million after ransomware attack (source)
- UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack (source)
- McLaren hospitals disruption linked to INC ransomware attack (source)
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Most ransomware attacks occur between 1 a.m. and 5 a.m. (source)
- New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data (source)