[BreachExchange] Australian company Jands appears to have been hit by Windows ransomware

Destry Winant destry at riskbasedsecurity.com
Fri Sep 4 09:56:09 EDT 2020


https://www.itwire.com/security/australian-company-jands-appears-to-have-been-hit-by-windows-ransomware.html

Cyber criminals appear to have used the Windows NetWalker ransomware
to attack the website of Australian firm Jands, which distributes some
leading audio, lighting and staging brands for installation,
production and retail industries throughout Australia and New Zealand.

The people behind the attack have posted a screenshot of data stolen
from Jands on their website. Going by that, what seems to have been
stolen is financial data, customer details and other miscellaneous
data.

Jands has been in business since 1970 and is based in Mascot, NSW.

NetWalker has not been used in many attacks recently. One attack of
note was on Forsee Power, a company that designs and manufactures
smart lithium-ion battery systems for electro-mobility markets.

Another was an attack on Trinity Metro, a regional transportation
authority of the state of Texas.

Prior to that the University of California in San Francisco admitted
it paid US$1.14 million to a gang that used NetWalker to attack its
systems. A fourth case was that of Australian customer experience firm
Stellar, that also operates across Asia, North America and Africa.

iTWire has contacted Jands for comment.

Brett Callow, a ransomware threat researcher who works for the New
Zealand-headquartered security firm Emsisoft, said NetWalker was a
sophisticated ransomware-as-a-service operation that mainly targeted
enterprise-space companies.

"It only accepts affiliates with proven access to enterprise-space
networks," he added. "Like other groups, NetWalker uses a range of
attack vectors including phishing and RDP."


More information about the BreachExchange mailing list