
Recent AD News

Accellion Zero-Days Responsible for Recent Data Theft and Extortion Attacks

A recent string of data theft and extortion attacks has been linked to vulnerabilities (CVEs) in the Accellion File Transfer Appliance (FTA). Cybersecurity researchers said that a cybercrime group called UNC2546 was responsible for the two-month-long attack.

The crime group exploited multiple zero-day vulnerabilities in the legacy FTA software to install a new web shell named DEWMODE on victim networks and exfiltrated sensitive data. The criminals did not deploy ransomware to encrypt the data; instead, they emailed the victims demanding a bitcoin ransom.

Following the discovery of the attacks, Accellion has patched four FTA vulnerabilities that were known to be exploited by the threat actors.

Accellion has urged its FTA customers to migrate to Kiteworks, and added that fewer than 100 out of 300 total FTA clients were victims of the attack and that fewer than 25 appear to have suffered “significant” data theft. This announcement comes a week after the grocery chain Kroger disclosed that HR data, pharmacy records, and money services records belonging to some customers might have been compromised as a result of the Accellion incident.
