Netfilm ransomware operators targeted the Orange mobile operators and have published a part of the stolen information on the dark web as proof of the attack.
Netfilm ransomware operators targeted the Orange mobile operators and have published a part of the stolen information on the dark web as proof of the attack.
Orange Company
Orange is a French telecommunications company, founded in 1988. It is the fourth-largest mobile operator in Europe with around 266 million customers and 148,000 employees.
Orange confirmed to Bleeping Computer that it had suffered a ransomware attack on the night of 4th July to 5th July 2020, that targeted their Orange Business Services division and Orange team immediately took all necessary solutions required to protect the security systems.
Netfilm ransomware actors were behind this attack as Orange was added to the Netfilm dark leak site and stated that they breached the company through their “Orange Business Solutions” division.
According to the security experts, that attack has compromised data hosted on Neocles IT platforms “Le Forfait Informatique”, and no other internal servers were affected. The hackers gained access to the data of around 20 PRO/SME customers hosted by the platform.
The “Le Forfait infrmatique” is a software platform that allows enterprise customers to host virtual workstations in the cloud while outsourcing IT support for these hosted workstations to Orange Business Services.
Ransom operators published a 339 MB file titled as “Orange_leak_part1.rar” that contained stolen data of Orange.
The archive consists of various sensitive and operational documents of AeroTechnique Espace (ATE), a French aircraft painting company that had been acquired by Air works. The stolen data also includes records of Avions de transport regional (ATR)m a Franco-Italian aircraft manufacturer based in France.
The orange company apologized for the inconvenience caused and has notified all the affected customers of the data breach, and the company continues to monitor and investigate this breach.
Netfilm ransomware
Netfilm ransomware was discovered in March this year that has the habit of stealing data to force ransom payment. As per the reports, Netfilm uses AE-128 encryption to encrypt the victim’s file. The ransomware is also capable of controlling payments through email communication rather than Tor payment site and data encrypted by it can be described by using RSA private key only.
“Orange certainly followed best practices by promptly disclosing the breach to its business customers, who will need to take all the possible precautions to make their data unusable in future attacks: changing the password of their accounts and looking out for potential phishing or spear-phishing emails, ” said Tarik Saleh, a senior security engineer at DomainTools.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: “BlueLeaks” Exposes Data of 200 US police Departments and Exposed Online