LiveHelpNow Targeted by Play Ransomware Group
Incident Date:
May 10, 2024
Overview
Title
LiveHelpNow Targeted by Play Ransomware Group
Victim
LiveHelpNow
Attacker
Play
Location
First Reported
May 10, 2024
Ransomware Attack on LiveHelpNow
Victim Profile
LiveHelpNow is a company specializing in providing omnichannel support solutions to businesses of all sizes. Led by CEO Jason O'Neill, the company is headquartered in Quakertown, Pennsylvania, United States. They offer a comprehensive customer support platform that includes live chat, SMS, email, and social media support.
Company Size and Standout Features
The revenue and size of LiveHelpNow are not publicly disclosed, but they are known for their fully integrated customer service suite that meets all customer support needs. Their software is quick to install, with no setup fees or contracts, and is backed by advanced technology.
Industry Vulnerabilities
LiveHelpNow's focus on customer data and communication channels makes them a prime target for threat actors. The omnichannel support they provide means a wide range of sensitive information is exchanged, including personal and financial data, making them attractive to cybercriminals.
Ransomware Group Tactics
The Play ransomware group, operated by Ransom House, has evolved from data theft to deploying cryptographic lockers. They target Linux systems and use encryption methods similar to Baseline Babuk. The group is known for submitting binaries containing hack tools and utilities after gaining initial access to networks.
Sources:
SentinelOne - Play Ransomware Group
Sophos - Ransomware Gangs and the Media
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.