Articles HelloKitty Cryptographer Attacks Vulnerable SonicWall Devices

HelloKitty Cryptographer Attacks Vulnerable SonicWall Devices


The Department of Homeland Security (DHS CISA) Cybersecurity and Infrastructure Protection Agency (DHS CISA) has warned that attackers are attacking a “known, previously patched vulnerability” in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with outdated firmware. The experts add that attackers can exploit this vulnerability for targeted ransomware attacks.

As a reminder, last week SonicWall issued an urgent warning to their customers, announcing an “imminent ransomware campaign” that will target products that have already been discontinued. CISA now urges users and administrators to review this SonicWall notice and update their devices’ firmware or disable them immediately if this is not possible.

Although CISA and SonicWall do not talk about which hack groups are behind the attacks, Bleeping Computer’s own sources say that this is the HelloKitty ransomware, which has been actively exploiting the mentioned vulnerability over the past several weeks. This information was confirmed by employees of CrowdStrike company, saying that the attacks are carried out by several attackers, including HelloKitty.

The HelloKity ransomware has been active since November 2020 and is mainly known for its   attack on CD Projekt Red , where hackers claimed to have stolen the source code of Cyberpunk 2077, Witcher 3, Gwent and other games.

Although the experts are not talking about the exact vulnerability used to hack the SMA and SRA, a CrowdStrike specialist told reporters that the problem has the identifier CVE-2019-7481. This is an interesting fact, as SonicWall stated that the vulnerability “was fixed in newer firmware versions released in early 2021.” Whereas CrowdStrike believes that there is a problem under the attacks that was discovered and fixed back in 2019.

Must read

28 dangerous extensions detected for Google Chrome and Microsoft Edge

Avast experts have discovered malware hidden in at least 28 third-party...

Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat

Eleven vulnerabilities, combined under the name Urgent / 11,...

Why Is It Important To Have Intrusion Detection And Prevention ?

This article describes why detection and prevention of burglaries...

The risk is real: attacks on OT infrastructure

Previously, many believed that attacks on an isolated OT...

Gitpaste-12: Linux bot armed with a dozen exploits

Researchers at Juniper Networks have discovered a Linux scripting...

Saferwall : Open Source Malware Analysis

Saferwall is an open source malware analysis platform. It...

Network Vulnerability Assessment ? Why Should Every Company Do it at least once a Year !

Network vulnerability assessment analyzes a variety of network issues,...

Artificial Intelligence and Cyber Security

As artificial intelligence intrudes into the world of cybersecurity,...

You might also likeRELATED
Recommended to you