Recently, a well-known malware called REvil Ransomware has attacked Fimmick, a Hong Kong-based marketing firm. The ransomware attack has been confirmed by a British cybersecurity firm in charge of monitoring the situation.
Fimmick is a marketing firm serving high-profile companies, including McDonald’s, Shell, Asus, Coca-Cola, and others.
Currently, Fimmick’s website is down, and there are no proper actions taken to address this situation. Still, according to the CEO of a UK-based cybersecurity firm, to protect the clients and customers, they routinely scrutinize the activities acted by these cybercriminals for evidence of their behaviours and habits.
Earlier this week, the researchers discovered that the data breaching conducted by REvil had reached Fimmick’s databases. The cybercriminal group also claimed to have gathered data from numerous global brands. The CEO of the mentioned UK-based cybersecurity firm shared screenshots depicting REvil’s posts threatening Fimmick about exploiting this stolen information from their company’s website.
The REvil ransomware does not shy away from threatening companies
The cyber-criminal group REvil also shared with them a directory structure of the stolen company data, and the researchers also noted that the attacker’s “Happy Blog” also appears to be temporarily unavailable. However, the reason behind this is still undefined.
According to the researcher, Kate Spade, Cetaphil, Hana-Musubi, and Coca-Cola are identified in the master list of stolen data. Due to being affiliated with larger companies with more valuable data, ransomware gangs have targeted many competing marketing firms multiple times over the years.
According to a separate researcher, the most attractive targets for ransomware operators are the ones that lead to additional targets.
He also added that opting for the easiest target and the low-hanging fruit is the main priority for ransomware gangs because it requires less effort but at the same time brings greater results.
He further elaborated that marketing firms, PR firms, and organizations that integrate with other businesses could have a wide array of data and info that creates an opportunity for targeting the next victim with lesser effort. The researcher then compared it to service providers, which if criminals successfully breach a single data could lead to a domino effect that may bring them to another victim. Attacking marketing or PR firms allows ransomware gangs to create more chances of acquiring a tremendous amount of payday.