Oracle Confirms Cyber Extortion Attack on E-Business Clients
- Oracle confirms cyberattack on E-Business Suite customers receiving extortion emails.
- Hackers linked to cl0p group demanded ransoms up to $50 million.
- Oracle urges urgent software updates after vulnerabilities were exploited.
Oracle said on Thursday that some customers using its E-Business Suite have received extortion emails, confirming a warning issued earlier by Google. The company explained in a blog post that hackers may have taken advantage of known software flaws and urged clients to update their systems to the latest versions. Oracle has not yet said how many customers have been affected.
Google described the attack as 'high volume', though it did not share specific details. Cybersecurity experts say the extortion demands are serious. Cynthia Kaiser, head of Halcyon’s Ransomware Research Center, told Reuters that hackers demanded amounts ranging from several million dollars to as much as $50 million in some cases.
The ransomware group linked to the attack is known as cl0p, which Google has tied to this campaign. In a message to Reuters, cl0p claimed Oracle had 'bugged up' but did not provide further information.
Cl0p is believed by many researchers to be connected to Russian-speaking groups and operates as a 'ransomware-as-a-service' business, renting its tools and infrastructure to other criminals in exchange for a share of the profits.
Japanese cybersecurity firm Trend Micro has described cl0p as a 'trendsetter' in cybercrime because of its changing tactics and large-scale operations.
