Newsroom
The banks Deutsche Bank, Commerzbank, and ING are among the dozens of companies that have suffered a large-scale cyberattack.
According to ING's statement, the data accessed by hackers included customer names and account numbers. The software vulnerability has since been fixed, as stated by the banks.
Since the end of last month, hackers have been exploiting a vulnerability in MOVEit, which is used by companies and organizations for data transfer. The previous attack, allegedly carried out by a hacker group known as Clop, resulted in the theft of data from dozens of organizations and government agencies in the US and Europe. The victims include the oil giant Shell and British Airways, along with banks, construction companies, and universities.
Cybersecurity experts have been monitoring these hackers, believed to reside in Russia, for some time, as they mainly operate in Russian-speaking forums. Russia has long been accused of being a safe haven for ransomware gangs, a claim it denies.
However, Clop operates as a "ransomware as a service" group, meaning that hackers can rent their tools to carry out attacks from anywhere. In 2021, individuals allegedly associated with the Clop group were arrested in Ukraine in a joint operation involving Ukraine, the US, and South Korea. At that time, authorities claimed to have dismantled the group, which they said was responsible for stealing $500 million from victims worldwide.
[With information sourced from Bloomberg and BBC]
