Monday, December 4, 2023

UK’s Biggest Forensic Services Provider Paid Huge Ransom After Their Systems Lock Down by Sophisticated Ransomware

The UK based one of the most prominent forensic firm Eurofins Scientific suffering cyber attack with ransomware and, they paid to ransom to cybercriminals.

Eurofins Scientific work with the police department to solve tens of thousands of criminal cases each year across the U.K.

Eurofins computer network hit with a sophisticated ransomware attack which forces them to pay ransom to hackers.

It was unclear how much ransom amount was exchanged between hackers and the Forensic Firm which was attacked last month.

Read: Ransomware Attack Response and Mitigation Checklist

The ransomware attack hit the company, which accounts for over half of forensic science provision in the UK, on the first weekend in June.

Ransomware is one of the dangerous cyber attacks that infected the victim with highly strong encryption keys and lock down the system files to demand the ransom amount in order to unlock it.

A common factor of Ransomware is that very strong Encryption (2048 RSA key) method are using for all the Ransomware variant which is estimated to take around 6.4 quadrillion years to crack an RSA 2048 key by an average desktop computer.

According to BBC report, “The ransom is likely to have been paid between 10 June, when Eurofins issued a lengthy statement about the attack, and June 24 when it published an optimistic update, saying it had “identified the variant of the malware used” in the attack and had strengthened cyber-security”

The company said that they are investigating the incident with leading cybersecurity experts and also confirms that there is no evidence of any unauthorized theft or transfer of confidential client data.

“Eurofins deals with over 70,000 criminal cases in the UK each year. It carries out DNA testing, toxicology analysis, firearms testing and computer forensics for police forces across the UK.”

Also, an emergency police response to the cyber-attack was led by the National Police Chiefs’ Council (NPCC) to manage the flow of forensic submissions so DNA and blood samples which needed urgent testing were sent to other suppliers. BBC reported.

Eurofins said the attack was “well-resourced” but three weeks later said its operations were “returning to normal”.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity course online to keep yourself updated.


Latest articles

Hackers Use Weaponized Documents to Attack U.S. Aerospace Industry

An American aerospace company has been the target of a commercial cyberespionage campaign dubbed...

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles