AcronisAcronisAcronisAcronisAcronisAcronisAcronisAcronisAcronisAcronisAcronis
Acronis
Acronis Threat Research Unit

Acronis Threat Research Unit

Threat Research Unit is a dedicated Acronis unit composed of experienced cybersecurity experts. Our team includes cross-functional experts in cybersecurity, AI, and threat intelligence. We are empowering IT teams with intelligence-driven cyberthreat research and reporting.

Acronis Threat Research Unit's articles

September 13, 2022

Hotel giant IHG hit by cyberattack, bookings disrupted

Leading hospitality company InterContinental Hotels Group PLC (also known as IHG Hotels & Resorts) has been impacted by a cyberattack. The hotel group's APIs are down and showing 502 and 503 HTTP errors, while customers are unable to log into their accounts.

September 12, 2022

Instagram phishing campaign dangles "blue badges" as lure

A new Instagram phishing campaign has been discovered, attempting to scam users of the popular social media platform by luring them with the offer of a coveted "blue badge" — official verification of the user's profile. As part of the alleged verification process, users are asked to reveal their password and other sensitive information, all of which is sent directly to the attacker.

September 01, 2022

LockBit gang plans triple-extortion tactics

The LockBit ransomware gang has announced that it is working to take its operation to the triple-extortion level. The gang is now looking to add DDoS as an extortion tactic on top of encrypting data and exfiltrating it (to threaten future leaks).

September 01, 2022

Library services firm Baker & Taylor hit by ransomware

Baker & Taylor, the world's largest distributor of books to libraries worldwide, confirmed it's still working on restoring systems after being hit by ransomware more than a week ago. With an annual revenue of $4.6 billion, the Charlotte, North Carolina-based firm currently services more than 5,000 public and academic libraries.

August 29, 2022

Quantum ransomware attack hits Dominican Republic government agency

The Dominican Republic's Instituto Agrario Dominicano (IAD) has suffered a ransomware attack by the Quantum group. According to the ransom note, at least four physical servers and eight virtual servers with the databases, applications and emails were compromised.

August 15, 2022

Cisco breached in Yanluowang ransomware attack, 2.8 GB data stolen

Multi-national tech conglomerate Cisco has confirmed that the Yanluowang ransomware gang breached its corporate network in late May, and that the group tried to extort them by threatening to leak stolen files online. The Yanluowang gang claims to have stolen 2.8 GB of data, consisting of approximately 3,100 files which Cisco has described as "not sensitive."

August 08, 2022

Electronics manufacturer Semikron hit by LV ransomware

German electronics manufacturer Semikron has reported that they were hit by a ransomware attack. The LV ransomware group has claimed responsibility for this attack, and is threatening to leak 2 TB worth of stolen data if their ransom demands are not met.

August 05, 2022

European pipeline operator hit by BlackCat/ALPHV ransomware

The ALPHV/BlackCat ransomware gang claims to have stolen more than 150 GB of data from Creos Luxembourg S.A., a company which manages natural gas pipelines and electrical networks in the Grand Duchy of Luxembourg. The alleged stolen data consists of 180,000 files, including contracts, agreements, passports, bills and emails.

August 05, 2022

New attack framework Manjusaka is similar to Cobalt Strike

Researchers have observed a new post-exploitation attack framework in the wild. Manjusaka, as it's called, can be deployed as an alternative to the popular Cobalt Strike toolset ⁠— or parallel to it for redundancy.