Oracle says hackers are targeting its customers with extortion emails
What's the story
Oracle has confirmed that its E-Business Suite customers have been targeted with extortion emails, confirming the warning that was first issued by Google. The tech giant's investigation found that hackers may have exploited known software vulnerabilities in their attack, prompting the California-based tech company to advise customers to update their products immediately.
Ransom demands
Hackers demanded ransom in tens of millions
Cynthia Kaiser, head of Halcyon's Ransomware Research Center, told Reuters that her company has seen extortion demands ranging from millions to tens of millions of dollars. The highest demand they have seen so far was a staggering $50 million. The hackers behind this campaign are believed to be the cl0p ransomware group, which operates as a ransomware-as-a-service provider.
Cybercriminals' profile
cl0p leases its software and infrastructure to other criminals
The cl0p group has been identified as Russian-speaking or Russia-linked by security researchers. They lease their software and infrastructure to other criminals for a share of the profits. Japanese cybersecurity firm Trend Micro previously described cl0p as "a trendsetter for its ever-changing tactics." Oracle has not yet revealed how many clients were affected by this hacking campaign.