Bleeping Computer reports that Pay2Key ransomware attacked the Israeli company Habana Labs. As a result of the attack, hackers managed to steal more than 50 GB of data.
Habana Labs is an Israeli developer of AI processors that accelerate artificial intelligence workloads in the datacenter. Intel purchased the company in December 2019 for approximately $2 billion.According to the onion site of the criminals, during the attack, they were able to steal about 53 GB of data from Habana Labs, including business documentation, source codes, information about the Windows domain account, information about the domain’s DNS zone, as well as files related to Gerrit.
Criminals write that Habana Labs has “72 hours to stop the leak.” At the same time, it is not known what requirements the attackers made to the company. Journalists believe that this attack may not be aimed to obtaining financial benefits, but should harm Israel’s interests.
Pay2Key ransomware is a relatively new threat that experts from Check Point and Profero spoke about in November 2020. Recently, malware operators have already noticed a number of attacks on Israeli businesses, and Profero believes that Iranian attackers may be behind Pay2Key.
The researchers came to this conclusion by tracing the movement of funds in the group’s wallets to Iranian cryptocurrency exchanges.
Israeli media also reported that this week, attackers hacked into Israeli shipping and freight software company Amital and used the attack to compromise 40 of the company’s customers in a supply chain attack.
According to Check Point, on average, Pay2Key operators demand from the affected companies from 7 to 9 bitcoins as a ransom, that is, approximately 135-173 thousand dollars at the current exchange rate.
Let me remind you that we talked about the fact that Iranian low-skilled hackers are quite successful in “playing” with Dharma ransomware, as well as that cybercriminals are leaking data from the hacked Embraer company.
