Camera giant Olympus hit by ransomware attack

(Image credit: Shutterstock)
Audio player loading…

Famous camera maker Olympus (opens in new tab) claims it is investigating “a potential cybersecurity (opens in new tab) incident” that’s affected its computers across the European, Middle East and Africa regions.

However, an anonymous source familiar with the incident told TechCrunch that Olympus is grappling with a ransomware (opens in new tab) attack that began on September 8, 2021. 

Interestingly, the source shared details about the incident with TechCrunch prior to Olympus acknowledging the incident.

TechRadar needs yo...

We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.

>> Click here to start the survey in a new window (opens in new tab) <<

“We are currently working to determine the extent of the issue and will continue to provide updates as new information becomes available. We apologize for any inconvenience this has caused,” read (opens in new tab) Olympus’ official statement.

A victim of BlackMatter?

In its statement put out on Saturday, 11 September, Olympus did acknowledge that it first detected “suspicious activity” on September 8. Once alerted, the company claims its specialized response team was quick to act, and is working with forensics experts to help resolve the issue.

“As part of the investigation, we have suspended data transfers in the affected systems and have informed the relevant external partners,” Olympus informs.

The anonymous source however shared with TechCrunch the ransomware note left behind by the Olympus attackers. 

Decrypting the purported note, ransomware expert and threat analyst at Emsisoft (opens in new tab), Brett Callow, believes the attack seems to be orchestrated by BlackMatter.

BlackMatter is a new ransomware-as-a-service (RaaS) threat actor, which the cybersecurity community claims to have risen from the ashes of the notorious DarkSide RaaS operator. 

Emsisoft has also found technical links (opens in new tab) between Darkside and BlackMatter, which has apparently chalked up over 40 victims since its appearance (opens in new tab) earlier this year in June, 2021.

Olympus didn’t immediately respond to our email asking for confirmation whether it has indeed been the target of a BlackMatter campaign.

Via TechCrunch (opens in new tab)

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.