Ransomware Hits Entertainment Industry
Posted by: Timothy Weaver on 01/04/2017 03:33 PM
Arenas Entertainment has been hit with ransomware.
Arenas is a Hispanic entertainment company located in Los Angeles that serves the Hispanic community worldwide. Arenas is a film company that was formed by a union of Universal Pictures and The Arenas Group.
The ransomware appears to be a variant of Crysis ransomware, but the exact nature and amount of the ransom demand are unknown. Arenas has shut down its website and is displaying only an About Us page.
Andrei Barysevich, who is the director of advanced collection at threat intelligence firm Recorded Future, reports that the hacker has been identified as a Russian-speaking criminal who is soliciting partners for monetization of the compromised access to Arenas Entertainment systems.
The breach has not been made public and is currently being investigated by the FBI.
Barysevich has stated that: "Our monitoring tools identified a Russian-speaking cybercriminal has obtained access to Arena's systems via compromised RDP server and has been soliciting partners on the criminal underground to help him monetize the access. By the time our analysts reached out to the hacker to obtain additional information, we had learned that all company's computers were infected with Crysis ransomware. The criminal was also able to access company's bank accounts and attempted to initiate a fraudulent transfer."
The transfer appears to have failed.
Source: SCMagazine
