Japan-based Olympus Corp. is reportedly looking into a latest possible cybersecurity incident affecting the company’s computer network in Africa, Middle East, and Europe. The company, in a statement, mentioned that it detected some suspicious activity and has immediately deployed a special response team comprising of forensics experts. Currently, it is working on a high-priority basis to resolve this problem.

According to the credible sources, Olympus has stopped data transfers in the impacted systems and has informed all the external partners who will be directly affected by this ransomware.

But as per a subject matter expert, the company is recovering from a ransomware attack that began in the early morning of September 8.

BlackMatter, the ransomware group, apparently left behind a ransom note on the affected systems and took responsibility for the act. It mentioned that the network of the company was encrypted and currently non-operational. The note also stated that the group will provide the decryption programs if the company was willing to pay for it.

The ransom note also comprised an address to a website that is accessible only through the Tor Browser that is prominently used by the ransomware group to communicate with its victims.

Threat analyst and a ransomware expert at Emsisoft, Brett Callow, quoted that the website in the ransom note is related to the BlackMatter group. It is a ransomware-as-a-service group that was established as an inheritor to multiple ransomware groups like DarkSide, which recently took off from the world of crime after the illustrious ransomware attack on Colonial Pipeline, and REvil. These went undercover for months post the Kaseya attack which swamped hundreds of firms with ransomware.

Reports have it that both the attacks caught the eye of the U.S. administration, which vowed to act if any crucial infrastructure was impacted again.

Ransomware groups like BlackMatter rent access to administrative infrastructure, which associates use to initiate attacks, while BlackMatter gets a cut from the ransoms paid.

Source credits:

https://techcrunch.com/2021/09/12/technology-giant-olympus-hit-by-blackmatter-ransomware/