THREAT ACTOR: UNC2546

Mandiant identified UNC2546 as the criminal hacker behind the cyberattacks and data theft involving Accellion’s legacy File Transfer Appliance product. Multiple Accellion FTA customers suffered attacks from UNC2546 and have received extortion emails threatening to publish stolen data on the “CL0P^_- LEAKS” .onion website. Some of the published victim data appears to have been stolen using the DEWMODE web shell.

 

Incidents Associated with this Threat

  • February 23, 2021: Jet Maker, Bombardier, Victim In Accellion Attack

Malware Used by this Threat Actor

No malware identified for this threat actor.

Pin It on Pinterest

Scroll to Top