Unpatched VPN makes Travelex latest victim of “REvil” ransomware

It may take longer to get your money changed when you travel, since Travelex is doing everything on paper because of a ransomware attack.

Enlarge / It may take longer to get your money changed when you travel, since Travelex is doing everything on paper because of a ransomware attack. (credit: iStock Editorial/Getty Images)

In April of 2019, Pulse Secure issued an urgent patch to a vulnerability in its popular corporate VPN software—a vulnerability that not only allowed remote attackers to gain access without a username or password but also to turn off multi-factor authentication and view logs, usernames, and passwords cached by the VPN server in plain text. Now, a cybercriminal group is using that vulnerability to target and infiltrate victims, steal data, and plant ransomware.

Travelex, the foreign currency exchange and travel insurance company, appears to be the latest victim of the group. On New Year's Eve, the company was hit by Sodinokibi ransomware, also known as REvil. The ransomware operators contacted the BBC and said they want Travelex to pay $6m (£4.6m). They also claimed to have had access to Travelex's network for six months and to have extracted five gigabytes of customer data—including dates of birth, credit card information, and other personally identifiable information.

"In the case of payment, we will delete and will not use that [data]base and restore them the entire network," the individual claiming to be part of the Sodinokibi operation told the BBC. "The deadline for doubling the payment is two days. Then another seven days and the sale of the entire base."

Read 5 remaining paragraphs | Comments

https://arstechnica.com/?p=1640787

Source: Ars Technica

By:

To replace gas taxes, Oregon and Utah ask EVs to pay for road use
To replace gas taxes, Oregon and Utah ask EVs to pay for road use ...
Jan/03/2020
Researchers find 17 Google Play apps that bombard users with battery-draining ads
Researchers find 17 Google Play apps that bombard users with battery-draining ads ...
Jan/14/2020
Lexus had its European design team imagine vehicles for moon mobility
Lexus had its European design team imagine vehicles for moon mobility ...
Jan/17/2020
Dark Overlord taunted, threatened, and extorted. Now alleged member is behind bars
Dark Overlord taunted, threatened, and extorted. Now alleged member is behind bars ...
Dec/20/2019
Tesla is now worth more than Ford and GM—combined
Tesla is now worth more than Ford and GMcombined ...
Jan/13/2020
AT&T announces deal to spin off DirecTV into new company owned by… AT&T
ATT announces deal to spin off DirecTV into new company owned by ATT ...
Feb/27/2021