IceFire attacks 37sur
Incident Date: August 20, 2022
Overview
Title: IceFire attacks 37sur
Victim: 37sur
Attacker: IceFire
Location:
First Reported: August 20, 2022
IceFire Ransomware Attack on 37sur
Company Overview
37sur is a telecommunications company that aims to provide a secure and agile internet service, with a focus on customer satisfaction. It has a strong commitment to teamwork and to expanding its services to new locations while adapting to new technologies.
Vulnerabilities and Targeting
IceFire ransomware is known to exploit vulnerabilities in IBM Aspera Faspex, a file-sharing application, to gain access to systems. The attackers exfiltrate any data they consider valuable before encrypting devices, and victims are then extorted into paying the ransom to prevent the data from being leaked and to have it decrypted.
Impact and Response
In many cases, the criminals do not send the decryption key even after the IceFire ransom has been paid, and in these cases there is no higher authority to turn to. Digital Recovery, a company specializing in ransomware decryption, offers solutions to recover data encrypted by IceFire ransomware on the majority of storage devices.
The IceFire ransomware attack on 37sur underscores the critical need for robust cybersecurity measures, especially in the telecommunications sector, where the potential for significant damage is high. Companies should regularly review and remove unnecessary access, monitor network traffic, and have an incident response plan in place to respond quickly and effectively to ransomware attacks.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing near real-time tracking of ransomware attacks, groups and their victims. Given threat actors' overarching, lucrative success so far, ransomware attacks have become the most ubiquitous and the most financially and informationally damaging cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.