Doctor Web Refutes Hackers’ Claims of User Data Theft

2 months ago 18
News Banner

Looking for an Interim or Fractional CTO to support your business?

Read more

Russian antimalware firm Doctor Web on Wednesday refuted hackers’ claims that development and user data was stolen in a September hack.

In mid-September, the security company said it had thwarted a cyberattack aimed at its infrastructure, and that it had taken its systems offline to investigate the incident.

Doctor Web said at the time that it had decided to observe the attackers’ movement after detecting the intrusion, and that the assault had no effect on users’ systems protected by its antivirus solution Dr.Web.

In a Wednesday statement, the company revealed that the attackers were looking to extort it, but provided no further details, citing an ongoing law enforcement investigation.

“We managed to promptly thwart the attack and then proceeded by disconnecting our systems from the network for a thorough examination in accordance with our established security policy. The attackers intended to demand a ransom from Doctor Web, but we never negotiate with perpetrators,” the company said.

Referring to a Telegram post by pro-Ukrainian hacktivist group DumpForums claiming that the compromise led to the theft of 10 terabytes of data, Doctor Web said that the attackers’ claims are exaggerated.

“Most of the claims that appeared in Telegram are false. Our development environment and customer information haven’t been affected by the attack. Our software module and virus database updates pose no threat whatsoever to Dr.Web users,” the company said.

However, Doctor Web also noted that it was analyzing screenshots that DumpForums posted on Telegram as proof of data theft “to ensure that no portion of our relevant data has been compromised”.

Advertisement. Scroll to continue reading.

The hacktivists, on the other hand, said they had access to the antimalware firm’s network for roughly a month, breaking into the company’s GitLab environment, corporate email and development servers, various internal resources, and the company’s domain controller.

Related: India-Linked Hackers Targeting Pakistani Government, Law Enforcement

Related: Oregon Zoo Ticketing Service Hack Impacts 118,000

Related: Hackers Claim to Have Infiltrated Belarus’ Main Security Service

Related: Russia Hacked Residential Cameras in Ukraine to Spy on Air Defense, Critical Infrastructure

Read Entire Article