Home Cyber Attack CompuCom Services Fell Prey To DarkSide Ransomware Attack
Cyber AttackHacking NewsNews

CompuCom Services Fell Prey To DarkSide Ransomware Attack

by Abeerah Hashim
written by Abeerah Hashim

An American IT firm CompuCom has emerged as the latest victim of a ransomware attack. The firm fell prey to the Darkside ransomware whose attack also disrupted company operations.

CompuCom Suffered Malware Attack

Reportedly, the US-based managed IT service provider firm CompuCom has disclosed to have suffered a cyber attack.

CompuCom is a dedicated IT MSP offering hardware and software solutions, and integration and support services to the customers. The firm has numerous big names on its clientele including Microsoft, HP, Apple, Dell, Cisco, and IBM.

As it turns out, CompuCom suffered a service disruption over the past weekend. The incident left the customers unable to access the customer’s portal. In their press release, CompuCom mentioned some malware attack that caused the disruption.

Certain CompuCom information technology systems have been affected by a malware incident which is affecting some of the services that we provide to certain customers.

Explaining further in the statement, the firm confirmed to have started investigations about the matter by involving cybersecurity experts.

As the investigations remained in progress, CompuCom didn’t reveal any further details in the press release. Yet, they assured that the incident didn’t have any direct impact on customers’ systems.

DarkSide Ransomware Suspected

While CompuCom didn’t precisely state anything about the ransomware, Bleeping Computer has shared details about it. According to a ‘Customer FAQ Regarding Malware Incident’ that they obtained, CompuCom has become a target of DarkSide ransomware attack.

As revealed, the attackers first infected the target network with Cobalt Strike beacons that facilitated the attackers to move across the network. Eventually, on February 28, 2021, they deployed the ransomware that seized CompuCom systems.

As mentioned in the FAQ,

Based on our expert’s analysis to date, we understand that the attacker deployed a persistent Cobalt Strike backdoor to several systems in the environment and acquired administrative credentials. These administrative credentials were then used to deploy the Darkside Ransomware.

For now, it remains unclear if DarkSide has also stolen any data files before encryption – something likely for this ransomware.

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]

You may also like

Multiple Vulnerabilities Found In Forminator WordPress Plugin

Palo Alto Networks Patched A Pan-OS Vulnerability Under...

Apple Removed Numerous Apps From China App Store

Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall...

Personal Data Exposed in Massive Global Hack: Understanding...

Guardz Welcomes SentinelOne as Strategic Partner and Investor...

Invision Community Vulnerabilities Risk E-Commerce Websites

Microsoft April Patch Tuesday Fixes Dozens of RCE...

Match Systems publishes report on the consequences of...

Cypago Announces New Automation Support for AI Security...