FinTech Company Impacted by Log4j Says No to Paying the Ransom

A cyberattack has recently impacted ONUS, one of the biggest Vietnamese crypto trading platforms. Hackers targeted the company’s payment system where a vulnerable version of Log4j was running.

Extortion followed the cyberattack: the hackers reportedly started to blackmail the firm, demanding a ransom of $5 million and threatening that customer data would otherwise become public.

According to the BleepingComputer publication, the company refused to pay, so the information related to almost 2 million customers of ONUS ended up for sale on forums.

More Details Regarding the ONUS Incident

A proof-of-concept (PoC) exploit for the well-known, headline-making Log4j vulnerability tracked as CVE-2021-44228 appeared on GitHub around December 9. From then on, threat actors have seen an opportunity to exploit it on a massive scale.

One of their targets was an ONUS Cyclos server that ran a vulnerable version of Log4j. The hackers successfully exploited it between December 11 and December 13. They also planted backdoors to strengthen their access.

On December 13, a Cyclos advisory came out that reportedly let ONUS know that its systems must be patched; however, even if the Cyclos instance was patched, it seemed

Read More: https://heimdalsecurity.com/blog/fintech-company-impacted-by-log4j-does-not-pay-the-ransom/