icefire attacks Best Servers LLC
Incident Date:
August 20, 2022
Overview
Title
icefire attacks Best Servers LLC
Victim
Best Servers LLC
Attacker
Icefire
Location
First Reported
August 20, 2022
IceFire Ransomware Attacks Best Servers LLC
Company Overview
Best Servers LLC is a business services company that provides IT solutions aimed at helping businesses thrive and maintain security in the rapidly evolving technological landscape. Their offerings encompass risk assessment and mitigation, managed services, and proactive maintenance, ensuring that client networks are consistently maintained, updated, and safeguarded against potential threats.
Vulnerabilities and Targeting
The recent attack on Best Servers LLC by the IceFire ransomware group underscores a growing trend of ransomware attacks targeting Linux enterprise networks. This shift marks a significant departure from IceFire's original focus on Windows systems, demonstrating an increased effort to exploit vulnerabilities within Linux systems. A notable vulnerability exploited in these attacks is CVE-2022-47986, a critical remote code execution (RCE) vulnerability found in IBM Aspera, which carries a CVSS rating of 9.8.
Impact and Response
The IceFire ransomware attack led to the encryption of files on Best Servers LLC's network, with the attackers demanding a ransom to avert data leakage and provide decryption keys. Details regarding the company's response to the attack remain sparse.
The incident involving Best Servers LLC and the IceFire ransomware highlights the critical need for robust cybersecurity defenses, especially in environments utilizing cloud computing and Linux systems. It is imperative for companies to remain vigilant, staying abreast of emerging threats and vulnerabilities, and to adopt proactive security measures to protect their networks and data assets.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.