As ransomware attacks continue targeting various firms, the tech giant Intel has now appeared on their radar. Briefly, Intel’s AI processor developer firm Habana Labs has fallen prey to a cyber attack. Reports suggest that Habana Labs has suffered the blow from Pay2Key ransomware.
Intel Habana Labs Hit By Pay2Key Ransomware
Reportedly, the Israel-based AI processor developer entity for Intel, Habana Labs, has become a victim of Pay2Key ransomware.
While the firm hasn’t officially revealed anything about it yet, the attackers didn’t bother to remain silent.
According to Bleeping Computer, the Pay2Key ransomware gang has started leaking files stolen from Habana Labs systems on their site. This shows that Pay2Key also follows the trail of most modern ransomware that not only encrypt victim’s data but also steal it.
As evident from the shared information, the threat actors have given a 72-hour deadline to the firm to make them “stop the leaking process”. It’s presently unclear what exactly the demanded ransom was. And, whether or not an official from Habana Labs have contacted the attackers.
Nonetheless, the leaked files that the attackers shared online on December 13, 2020, show that they managed to pilfer sensitive data from the firm. As witnessed by Bleeping Computer,
This data includes Windows domain account information, DNS zone information for the domain, and a file listing from its Gerrit development code review system.
Pay2Key ransomware is a relatively newer player in the realm of ransomware that caught attention in November 2020. The ransomware appeared to specifically aim at organizations.
Initially, the ransomware caused disruption among European corporate firms. However, recently, it has targeted numerous Israeli firms back-to-back. One of the victims is the software company Amital, according to Israeli media.
It is believed that the ransomware possibly links back to Iranian threat actors.
This week @_CPResearch_ released an analysis of ransomware targeting Israeli SME dubbed "Pay2Key". Using intelligence sources and our latest CryptoCurrency monitoring capabilities, we have been able to track the exit strategy of the threat actors leading to Iranian exchange. pic.twitter.com/64WzsonAjQ
— Profero (@ProferoSec) November 11, 2020
Let us know your thoughts in the comments.