27 December 2021

French IT services giant Inetum Group targeted in a ransomware attack


French IT services giant Inetum Group targeted in a ransomware attack

French IT services company Inetum Group disclosed it was hit by a ransomware attack just a few days before Christmas, but the company said that the security incident affected only operations in France and did not impact any of the other countries where Inetum operates.

“None of the main infrastructures, communication, collaboration tools or delivery operations for Inetum clients has been affected. Within the affected perimeter, all servers have been isolated and client VPNs have been switched off,” the company said in a press release.

Inetum is an IT services company that provides digital services and solutions to companies in various sectors. The Group operates in more than 26 countries and has nearly 27,000 collaborators. In 2020 the company generated revenues of €1,966 billion, according to the information on its website.

Inetum Group did not specify what ransomware strain was involved in the attack, which took place on December 19, but added that that there was no link found to the Log4j vulnerability.

According to the French publication LeMagIt, Inetum was hit by the BlackCat ransomware, a relatively new malware, known as ALPHV and Noberus.

Discovered by security researchers from Recorded Future and MalwareHunterTeam, BlackCat is written in the Rust programming language and can target Windows, Linux, and VMWare ESXi systems.

Researchers at Recorded Future speculate that the author of the BlackCat ransomware, known as ALPHV, was previously involved with the REvil ransomware gang.

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. As many other ransomware gangs, the group also engages in double-extortion, threatening victims to publish the stolen data if they don’t pay a ransom.


Back to the list

Latest Posts

The story of the four bears: Brief analysis of APT groups linked to the Russian government

The story of the four bears: Brief analysis of APT groups linked to the Russian government

In “The Four Bears” series we will tell you about the APT groups known as Fancy Bear, Cozy Bear, Voodoo Bear, and Berserk Bear.
17 January 2022
Cybersecurity year in review: Most notable APT hacks of 2021

Cybersecurity year in review: Most notable APT hacks of 2021

In 2021 nation-state actors somewhat faded into the background, but they still pose a significant threat.
17 January 2022
Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

Hackers put up for sale data of 2M ONUS customers after the company refused to pay $5 million ransom

The attackers exploited the Log4Shell vulnerability on ONUS’ Cyclos server to plant backdoor and exfiltrate data.
30 December 2021