icefire attacks Best Servers LLC

Incident Date:

August 20, 2022

World map



icefire attacks Best Servers LLC


Best Servers LLC




Merrillville, USA

Indiana, USA

First Reported

August 20, 2022

IceFire Ransomware Attacks Best Servers LLC

Company Overview

Best Servers LLC is a business services company that provides IT solutions aimed at helping businesses thrive and maintain security in the rapidly evolving technological landscape. Their offerings encompass risk assessment and mitigation, managed services, and proactive maintenance, ensuring that client networks are consistently maintained, updated, and safeguarded against potential threats.

Vulnerabilities and Targeting

The recent attack on Best Servers LLC by the IceFire ransomware group underscores a growing trend of ransomware attacks targeting Linux enterprise networks. This shift marks a significant departure from IceFire's original focus on Windows systems, demonstrating an increased effort to exploit vulnerabilities within Linux systems. A notable vulnerability exploited in these attacks is CVE-2022-47986, a critical remote code execution (RCE) vulnerability found in IBM Aspera, which carries a CVSS rating of 9.8.

Impact and Response

The IceFire ransomware attack led to the encryption of files on Best Servers LLC's network, with the attackers demanding a ransom to avert data leakage and provide decryption keys. Details regarding the company's response to the attack remain sparse.

The incident involving Best Servers LLC and the IceFire ransomware highlights the critical need for robust cybersecurity defenses, especially in environments utilizing cloud computing and Linux systems. It is imperative for companies to remain vigilant, staying abreast of emerging threats and vulnerabilities, and to adopt proactive security measures to protect their networks and data assets.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.