LockBit Ransomware Group Behind Adstra Cyber Attack


The LockBit ransomware group has claimed responsibility for the Adstra cyber attack, listing the MarTech – AdTech cloud-based identity and data platform to its victim list.

The group has threatened to leak the exfiltrated data from the alleged cyber attack on Adstra, the cloud-based Identity and data platform.

While LockBit has claimed that they have access to data stolen , the Adstra cyber attack remains unconfirmed.

Adstra cyber attack

(Photo: FalconFeedsio/ Twitter)

The exfiltrated data from the cyber attack on Adstradata.com was uploaded on June 5, 2023, according to LockBit’s post. In the next 19 days, the ransomware group has threatened to leak the data.

The Cyber Express has reached out to the company to confirm the alleged Adstra cyber attack. However, the official website of the company was active at the time of writing.

Adstra Cyber Attack
Screenshot of the Adstra website

LockBit and other ransomware groups have been on a rampage attacking company website showing that there are vulnerabilities in software that they can always target. If not a zero-day vulnerability, an unpatched system.

And in the absence of either, they also send phishing emails with specially crafted content, spoofed domains, close resembling email addresses to their official counterparts, and use urgent sounding subjects to make employees open emails and download malicious attachments.

Earlier, the LockBit also claimed the alleged cyber attack on Expeditus Transport. The deadline to pay the ransom is June 12, 2023.

Adstra advertising services

Adstra Cyber Attack
Screenshot of the Adstra website

Adstra has a rather elaborate client base with brands including Hulu, Chevrolet, IBM, Cisco, and Google working with them.

They also serve several non-profits including Feeding America. The company specializes in identity management, data acquisition, non-profit acquisition, and media measurement among other areas.

The marketing and advertising technology company is headquartered in Princeton, New Jersey.

Lockbit 3.0 is the next generation of ransomware employed by the Lockbit ransomware gang and uses the prolific BlackMatter ransomware code as its USP.

LockBit 3.0 or known by other aliases such as ‘LockBit Black,’ is capable of anti-debugging, removing the Volume Shadow Copy files, and even self-spreading using legitimate tools inside the victim’s systems. 

Data services and vendor management security risks

A HIPPA Journal post published this week stated that in May 2023, the Florida legislature passed an update relating to the storing of health records outside of the United States, its territories, or Canada.

The government is taking vendor management and data breaches arising from third-party data management service providers. The update read that it prohibits healthcare record technologies from storing electronic records outside of the said regions.

“The ban also covers patient information stored through a third-party or subcontracted computing facility or cloud computing service, which must similarly maintain the data in the continental United States, its territories, or Canada,” the post further read.

However, the ban is yet to take effect, following which it will no longer be legal to opt for similar data storing services provided by overseas vendors.

“All healthcare providers covered by the Florida Electronic Health Records Exchange Act must comply with the updated law by July 1, 2023,” the post added.

According to a survey, 27% of cyber attacks originating from third-party in 2021 were ransomware attacks. Software publishers were among the most targeted of all among third-party vendors amounting to 23% of attacks.

It is about time, other sectors are considered for similar rules and how third-party vendor management policies take shape.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.





Source link