TechCrunch said WD wouldn't provide any updates or verify the crooks' claims, and that the miscreants would only share that they "exploited vulnerabilities within their infrastructure and spidered our way to global administrator of their Azure tenant," to pull the attack off.
According to WD's statements, the attack was identified on March 26, and was being investigated. Western Digital has mostly stayed quiet about the attack, which the company disclosed on April 2. We will strike back," the attackers allegedly told Western Digital in an email. But if there are any efforts to interfere with us, our systems, or anything else. "We only need a one-time payment, and then we will leave your network and let you know about your weaknesses. The perpetrator's goal is apparently to make money by threatening further damage to Western Digital systems, more releases of company data, or otherwise making life difficult for the company. The attackers also made off with data from Western Digital's SAP Backoffice instance, emails, and files stolen from other cloud services, it is claimed. Cryptographic keys were also reportedly found in the trove, giving crims the ability to digitally sign certificates as Western Digital and therefore create malicious files and pass them off as legit WD materials. The apparent thieves, who spoke to TechCrunch earlier this week, said they made off with what they claim to be around 10 terabytes of internal data from the company, including customer and employee information. Miscreants claiming to be behind a ransomware infection at disk-maker Western Digital earlier this month said they have yet to be ejected from the company's systems, and are willing to leave, keep any stolen data under wraps, and share how they got in with WD if paid a ransom of at least eight figures. The updated Chrome also includes "various fixes from internal audits, fuzzing and other initiatives." Extortionists demand eight-figure sum from Western Digital to not release '10TB of data'
0 kommentar(er)
