Famous camera maker Olympus (opens in new tab) claims it is investigating “a potential cybersecurity (opens in new tab) incident” that’s affected its computers across the European, Middle East and Africa regions.
However, an anonymous source familiar with the incident told TechCrunch that Olympus is grappling with a ransomware (opens in new tab) attack that began on September 8, 2021.
Interestingly, the source shared details about the incident with TechCrunch prior to Olympus acknowledging the incident.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
>> Click here to start the survey in a new window (opens in new tab) <<
- We’ve also compiled a list of the best ransomware protection tools (opens in new tab)
- These are the best malware removal (opens in new tab) software on the market
- Check our list of the best firewall apps and services (opens in new tab)
“We are currently working to determine the extent of the issue and will continue to provide updates as new information becomes available. We apologize for any inconvenience this has caused,” read (opens in new tab) Olympus’ official statement.
A victim of BlackMatter?
In its statement put out on Saturday, 11 September, Olympus did acknowledge that it first detected “suspicious activity” on September 8. Once alerted, the company claims its specialized response team was quick to act, and is working with forensics experts to help resolve the issue.
“As part of the investigation, we have suspended data transfers in the affected systems and have informed the relevant external partners,” Olympus informs.
The anonymous source however shared with TechCrunch the ransomware note left behind by the Olympus attackers.
Decrypting the purported note, ransomware expert and threat analyst at Emsisoft (opens in new tab), Brett Callow, believes the attack seems to be orchestrated by BlackMatter.
BlackMatter is a new ransomware-as-a-service (RaaS) threat actor, which the cybersecurity community claims to have risen from the ashes of the notorious DarkSide RaaS operator.
Emsisoft has also found technical links (opens in new tab) between Darkside and BlackMatter, which has apparently chalked up over 40 victims since its appearance (opens in new tab) earlier this year in June, 2021.
Olympus didn’t immediately respond to our email asking for confirmation whether it has indeed been the target of a BlackMatter campaign.
- Protect your devices with these best antivirus software (opens in new tab)
Via TechCrunch (opens in new tab)