Google discovers large-scale data looting
Google has just lifted the veil on a large cyberattack in progress. The attack, which relies on end-of-life network appliances, makes it possible to steal the sensitive and confidential data of the targeted companies.
Researchers from the Google Threat Intelligence Group (GTIG), a Google division, and Mandiant, a subsidiary of Google, discovered “an ongoing campaign” targeting companies. In a press release published on July 16, 2025, Google experts explain that the first attacks date back to “at least October 2024”. The cyberattacks aim to seize organizations' data and deploy ransomware.
End-of-life devices in the hackers' sights
To achieve their ends, the hackers attack end-of-life devices made by SonicWall, an American company specializing in network security. The hackers exploit devices that are no longer supported, but which have nonetheless received updates.
Only devices in the SonicWall Secure Mobile Access (SMA) 100 range are targeted by the attack. These are network security appliances used mainly to give a company's employees secure remote access.
Credentials and zero-day flaws
To get into the device, the cybercriminals use sensitive data stolen during earlier intrusions, including credentials. Google believes that the data was stolen through a vulnerability in the brand's products. With these usernames and passwords, the hackers log in to the device's system. Once inside, they exploit zero-day flaws, neither patched nor disclosed, to install malicious software on the device, including the “Overstep” backdoor. This backdoor is specially designed to compromise SonicWall devices.
It is through this malware that the hackers exfiltrate company data. To cover its tracks, the malware erases log entries. In parallel, the hackers retain persistent access to the device by modifying the boot process.
For the moment, Google has not yet managed to trace the identity of the cybercriminals behind the operation. SonicWall recommends that all companies using the affected appliances “reset the OTP (one-time password) configuration for all users”. This precaution will prevent the hackers from using the data in their possession to generate temporary codes that would give them access to the device.
Source: Google