Pay2Key ransomware attacked Intel-owned Habana Labs company

Pay2Key attacked Habana Labs
Written by Emma Davis

Bleeping Computer reports that Pay2Key ransomware attacked the Israeli company Habana Labs. As a result of the attack, hackers managed to steal more than 50 GB of data.

Habana Labs is an Israeli developer of AI processors that accelerate artificial intelligence workloads in the datacenter. Intel purchased the company in December 2019 for approximately $2 billion.

According to the criminals' onion site, they stole about 53 GB of data from Habana Labs during the attack, including business documentation, source code, information about the Windows domain account, information about the domain’s DNS zone, and files related to Gerrit.

The criminals write that Habana Labs has “72 hours to stop the leak.” At the same time, it is not known what demands the attackers made of the company. Journalists believe that this attack may not be aimed at obtaining financial benefits, but is instead meant to harm Israel’s interests.

Pay2Key ransomware is a relatively new threat that experts from Check Point and Profero spoke about in November 2020. Recently, the malware's operators have already been noticed in a number of attacks on Israeli businesses, and Profero believes that Iranian attackers may be behind Pay2Key.

The researchers came to this conclusion by tracing the movement of funds in the group’s wallets to Iranian cryptocurrency exchanges.

“This week @_CPResearch_ released an analysis of ransomware targeting Israeli SME dubbed “Pay2Key”. Using intelligence sources and our latest CryptoCurrency monitoring capabilities, we have been able to track the exit strategy of the threat actors leading to Iranian exchange,” Profero experts wrote on Twitter.

Israeli media also reported that this week, attackers hacked into Israeli shipping and freight software company Amital and used the attack to compromise 40 of the company’s customers in a supply chain attack.

According to Check Point, Pay2Key operators demand on average from 7 to 9 bitcoins in ransom from affected companies, that is, approximately 135-173 thousand dollars at the current exchange rate.

Let me remind you that we talked about the fact that Iranian low-skilled hackers are quite successful in “playing” with Dharma ransomware, as well as that cybercriminals are leaking data from the hacked Embraer company.


About the author

Emma Davis

I'm a writer and content manager (a short time ago I completed a bachelor's degree in Marketing from the Gustavus Adolphus College). For now, I have a deep drive to study cyber security.
