Security News > 2024 > January > Infostealer malware, weak password leaves Orange Spain RIPE for plucking

Infostealer malware, weak password leaves Orange Spain RIPE for plucking
2024-01-04 13:15

A weak password exposed by infostealer malware is being blamed after a massive outage at Orange Spain disrupted around half of its network's traffic.

The malware had infected the account of an Orange Spain employee.

The password was revealed to be "Ripeadmin" - a simple and easily guessable password for an important account.

"Snow" documented the attack via a freshly minted X account, goading Orange Spain and encouraging it to reach out and request the new RIPE admin credentials after they were breached and changed.

Orange Spain confirmed its RIPE account was breached via its X account, adding that service was restored shortly after acknowledging the outage.

Beaumont said he's seen credentials to thousands of different RIPE accounts on infostealer marketplaces, and expects a wave of similar attacks to take place now the incident at Orange Spain has been publicized.


News URL

https://go.theregister.com/feed/www.theregister.com/2024/01/04/orange_spain_outage_breach/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Orange 6 0 5 0 3 8