IceFire attacks Kod Hosting
Incident Date: August 20, 2022
Overview
Title: IceFire attacks Kod Hosting
Victim: Kod Hosting
Attacker: IceFire
Location:
First Reported: August 20, 2022
IceFire Ransomware Targets Kod Hosting
Company Profile
Kod Hosting is a web hosting provider that offers a range of services, including DDR5 RAM servers, OwnCloud hosting, and SSL certificates. The company's website is http://kodhosting.com.
Vulnerabilities
IceFire ransomware targets Linux systems, exploiting vulnerabilities such as CVE-2022-47986, a critical remote code execution (RCE) vulnerability in IBM Aspera with a CVSS rating of 9.8. The attackers use this vulnerability to deploy their payloads and encrypt the victims' Linux systems.
Impact
The IceFire ransomware attack on Kod Hosting has resulted in the encryption of files on the company's Linux systems, with the attackers demanding payment in exchange for the key to decrypt them. The attack has caused disruption to the company's operations and potentially put sensitive data at risk.
The IceFire ransomware attack on Kod Hosting underscores the growing trend of ransomware targeting Linux systems, which are increasingly being used in enterprise settings for critical tasks such as hosting databases, web servers, and other mission-critical applications. Companies operating in the Media & Internet sector, like Kod Hosting, should be aware of this trend and take appropriate measures to secure their Linux systems against ransomware attacks.