Automotive Group Hit in Ransomware Attack
INCIDENT
A U.S.-based automotive group of dealerships fell victim to a new ransomware attack group threatening to drop 200 GB of exfiltrated data unless the group pays $400,000.
The attack is a variant of ransomware called Colossus that affects machines running Microsoft Windows operating systems, according to a report by the ZeroFox Threat Intelligence team. The sample has features including binary packing via Themida and sandbox evasion capabilities. The ransomware has a support website for setting up communications with victims, which most likely launched September 20.