Inetum IT services provider struck by a ransomware attack

January 24, 2022
Inetum IT Services Provider Ransomware Attack BlackCat LeMaglt Data Breach Malware

A French IT services provider called Inetum has been struck by a ransomware attack that impacted its business transactions and clients. The ransomware incident inflicted by unknown threat actors was said to have occurred a week before December 25 last year.

The ransomware attack against the IT firm can cause widespread problems since it was found to be active in approximately 26 countries. The firm also have clients in multiple sectors such as banking, automotive, energy, insurance, aeronautics, media, and telecoms, which adds up to the threat that the incident can cause.

As an IT service provider for numerous companies and with revenue reaching nearly a couple of billion, Inetum is an attractive target for threat actors specialising in ransomware attacks.

Only a week before Christmas day, Inetum became the target of a ransomware attack that compromised its operations inside France and allegedly did not infect more extensive infrastructure used by their clients. The IT firm, nonetheless, has claimed that the ransomware attack did not cause any damage to their customers’ infrastructures, communications, and operations.

The IT firm’s security team has immediately addressed the situation to protect the connections that could put their customer’s systems at risk. The operational teams quarantined the affected server to minimise the risk of infecting uncompromised ones.

An investigation conducted by the team discovered that threat actors utilised a ransomware variant in the attack against them. Furthermore, the firm’s team insisted that the recent Log4j flaw exploitation did not cause the ransomware attack.

 

Inetum did not reveal the name of the malware utilised against them. However, according to an investigator, the malware used against the firm is called LeMaglt.

 

LeMaglt is a file-encrypting malware written in Rust, usually for ransomware campaigns, and has been abundantly used by numerous malicious actors last November. According to experts, one of the threat groups that uses LeMaglt is BlackCat, which has various advanced features and attacks with a flexible configuration to spread to other devices.

The Inetum Group has contacted law enforcement agencies and cooperated with cybercrime teams. A third-party security team has also been asked to help with the incident response team. The affected firm claimed that the delivery operations to clients are allegedly safe, and customers should not worry about getting infected.

About the author

Leave a Reply