After discovering that hackers hit a US defense contractor with ransomware, the UK’s Sky News reported on Wednesday that “Russian-speaking” people were suspected of the attack, wholly without evidence.
Sky News reported on Wednesday that hackers had broken into the computer network at Westech International, a US defense contractor that provides engineering maintenance and support for the Pentagon’s Minuteman III nuclear-tipped intercontinental ballistic missiles.
“There are also concerns that Russian-speaking operators behind the attack could attempt to monetize their haul by selling information about the nuclear deterrent on to a hostile state,” Sky News reported. However, the article provides absolutely no evidence for this claim.
“The IP addresses are detected as from the Russian Federation but that does not prove that the malware came from this country,” antivirus software company McAfee said in a March report on the functioning of MAZE, which is also called ChaCha, adding that “it could be deliberate misdirection but, with the language checks of CIS countries, it certainly appears possible.”
Tech outlet CRN also reported in April after IT service provider Cognizant was hit with a MAZE ransomware attack: “The actors posted a link on a Russian hacker and malware forum that contained files such as termination agreements, contracts, medical records, server directory listings, encryption certificates, and exported lists of users from active directory servers.”
Sourse: sputniknews.com