Sabre database hot tour: data on employees' work visas was made publicly available

Carding

What is known about the hackers from Dunghill and what secrets of the company are known to them?

This year, a group of hackers (unknown at the time) raided the database of Sabre, a leading player in the travel and booking market. The incident led to a large-scale leak, which was not reported for some time. More recently, the attackers posted sensitive information about Sabre employees who are in the United States on work visas.

Researchers found out that a group called Dunghill is behind the extortion campaign. As is known, about 1.3 terabytes of data were stolen. The criminals made their demands, but the company could not meet them, so some of the information was made publicly available.

Sabre management learned about this from media reports and immediately issued an official statement, promising to conduct a thorough investigation. Invited cybersecurity experts took up the task.

The hackers obtained information about the nationality of employees, their dates of birth, and their passport and visa numbers. In addition, the stolen data includes ticket sales records, passenger statistics, financial documents, and other personnel-related information.

Not much is known about Dunghill right now, but there is speculation that the group is using Dark Angels Ransomware, a ransomware that can be considered an upgraded version of Babuk Ransomware.

According to Malwarebytes, Dunghill has previously attacked the servers of other organizations, including game developer Incredible Technologies, product company Sysco and car manufacturer Gentex. All these organizations once refused to comply with the hackers' conditions, which also led to leaks.