Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Share Post: Reddit Facebook
Insurance giant CNA hit by new Phoenix CryptoLocker ransomware
#1
[Image: EwwnVPJ.jpg]

Insurance giant CNA has suffered a ransomware attack using a new variant called Phoenix CryptoLocker that is possibly linked to the Evil Corp hacking group.

This week, BleepingComputer reported that CNA had suffered a cyberattack impacting their online services and business operations.


Soon after we reported on the attack, CNA issued a statement confirming that they had suffered a cyber attack last weekend.

"On March 21, 2021, CNA determined that it sustained a sophisticated cybersecurity attack. The attack caused a network disruption and impacted certain CNA systems, including corporate email," CNA disclosed in a statement.

CNA hit by a ransomware attack

Since our first reporting, BleepingComputer has confirmed that CNA suffered an attack by a new ransomware known as 'Phoenix CryptoLocker.'

Sources familiar with the attack have told BleepingComputer that the threat actors deployed the ransomware on CNA's network on March 21, where it proceeded to encrypt over 15,000 devices on their network.

BleepingComputer has learned that it also encrypted the computers of employees working remotely who were logged into the company's VPN at the time of the attack.

When encrypting devices, the ransomware appended the .phoenix extension to encrypted files and created a ransom note named PHOENIX-HELP.txt, as shown below.


Continue reading HERE
Reply


Messages In This Thread
Insurance giant CNA hit by new Phoenix CryptoLocker ransomware - by tarekma7 - 03-26-2021 , 07:22 PM

Possibly Related Threads…
Thread Author Replies Views Last Post
  Digital security giant Entrust breached by ransomware gang mrtrout 0 896 07-23-2022 , 12:02 AM
Last Post: mrtrout
  Action Fraud Warns of Ongoing UK National Insurance Scam mrtrout 0 1,047 03-27-2021 , 03:56 AM
Last Post: mrtrout
  Payroll giant PrismHR outage likely caused by ransomware attack Bjyda 0 1,255 03-04-2021 , 12:00 AM
Last Post: Bjyda
  Finnish IT giant TietoEVRY discloses ransomware attack Bjyda 0 941 02-23-2021 , 11:20 PM
Last Post: Bjyda
  Hackers Who Hit Leading Israeli Insurance Firm Trying to Sell Details Online Bjyda 0 1,181 02-21-2021 , 10:08 PM
Last Post: Bjyda



Users browsing this thread: 1 Guest(s)