Ransomware: Inserm Transfert joins Conti’s list of victims

Our colleagues from Point disclosed at the end of last week: On June 18, Inserm Transfert “recorded” a cyberattack. Founded in 2000, the National Institute for Health and Medical Research, a private subsidiary of the National Institute for Health and Medical Research, explains on its website, “specializes in technology transfer in the life sciences and seeking co-financing.”

Continuation of the article below

Against the backdrop of the Covid-19 pandemic, the motives behind this cyberattack naturally raise questions. But it looks like this is only a financially motivated cybercrime. In fact, the Conti ransomware operators have just claimed responsibility for an attack on a showcase site where they represent their victims who refused to succumb to blackmail. They do not provide any details as to the volume and nature of the stolen data.

According to our colleagues, the management of Inserm Transfert filed a complaint three weeks after the start of encryption and stated that “it suspects the theft of digital data for the purpose of resale on the darknet.”

The manner in which the attackers would act was not specified. However, we have observed that Inserm-Transfert is running an Exchange server that still has these vulnerabilities. ProxyLogon March 19.

Perhaps most surprising here is how quickly Conti’s operators took responsibility for their attack. So on July 19, they posted a series of several new victims, some of whom paid the price for their aggressiveness a few months ago. Among them we find Infovista, which was attacked at the end of April, and Cegos, which was attacked a few days earlier.

To learn more about IT threats

Back to top button