UK fashion brand FCUK, aka French Connection, was reportedly targeted by those spreading REvil ransomware. Notably, the attack took place just a couple of hours before Brazilian medical diagnostics firm Grupo Fleury was targeted by the same criminals.
Security analysts say that the REvil gang was involved in both instances and might be going with a strategy of targeting only big institutions from now on, as attacks on large companies often guarantee a big sum as ransom.
According to a source reporting from FCUK, the company’s back-end servers were targeted in the attack by the REvil, aka Sodinokibi, group, which siphoned sensitive information related to the fashion business.
French Connection has engaged a third-party firm to investigate the incident and assured that no data related to customers was accessed or stolen by the criminal gang.
Meanwhile, Grupo Fleury, Brazil’s medical diagnostics firm, revealed that it was hit by REvil on June 22nd, 2021, and that the attackers were demanding $5 million as ransom in exchange for a decryption key.
“As Sodinokibi is known to target sensitive files, information related to Grupo Fleury patients and staff might have been accessed and moved to remote servers,” said Jamie Hart, Threat Intelligence Analyst, Digital Shadows.
Note 1- A study by SecureWorks Counter Threat Unit says that the REvil ransomware gang’s source code was stolen and has been used by a newly formed malware-spreading gang dubbed LV Ransomware Group.
Note 2- Those behind REvil have reportedly struck more than 13 companies this year, including SolarWinds Orion Software, JBS Foods, and Quanta Computer, which was attacked and had classified data stolen. Quanta Computer is in the business of laptop manufacturing and is known to help Apple Inc in making Macs and other computing devices.