In a groundbreaking discovery, cybersecurity specialists at BI.ZONE have uncovered a series of highly sophisticated attacks orchestrated by the Sneaking Leprechaun group. Unlike conventional ransomware attacks, these cybercriminals employed a novel approach to breach the systems of more than 30 organizations in Russia and Belarus.
Through meticulous analysis, BI.ZONE researchers have unveiled the exploitation of vulnerabilities within outdated versions of widely-used platforms, including Bitrix, Confluence, and Webmin, which were installed on Linux servers. Once the perpetrators successfully infiltrated the targeted systems, they deployed their own malicious software to maintain control.
In a remarkable twist, the hackers opted for a more cunning strategy instead of employing traditional data encryption and ransom demands. Evading detection, they meticulously scrutinized the copied data, handpicking the most valuable information. Subsequently, the attackers initiated contact with the victim organizations, providing undeniable proof of their compromised data. It was at this critical juncture that the ransom demands were made, accompanied by the threat of public data exposure.
According to esteemed experts at BI.ZONE, Sneaking Leprechaun has wreaked havoc on over 30 organizations throughout Russia and Belarus within the past year. Among the primary targets were software development and integration companies. Notably, victims encompass a broad spectrum of industries, including finance, logistics, medicine, industry, and state institutions.