Powered by MOMENTUM MEDIA

High end jeweller hacked, some 69,000 files on clients leaked

Russian cyber gang Conti is thought to have been behind the hack, with the group allegedly demanding ransom in exchange for protecting further client information.

Media outlets have begun reporting that high end jeweller Graff was the victim of a cyber attack this week, with the Russian cyber gang Conti allegedly demanding ransom from the jeweller in exchange for protecting additional client information.

Already, Conti has released an estimated 69,000 files representing 11,000 of Graff’s clients to coerce the jeweller into caving in to the group’s demands. The Daily Mail reported that information belonging to Donald Trump, Oprah, Ghislaine Maxwell and David Beckham was released on the Dark Web.

The Mail on Sunday explained the sensitivities of the hack.

“Documents including client lists, invoices, receipts and credit notes have been taken, and could prove embarrassing for customers who may, for example, have bought gifts for secret lovers or taken jewellery as bribes,” it said.

Among the names were several high ranking politicians and royals from the Middle East and Asia.

“Regrettably we, in common with a number of other businesses, have recently been the target of a sophisticated – though limited – cyber attack by professional and determined criminals,” a statement from a company spokesperson said.

“We were alerted to their intrusive activity by our security systems, allowing us to react swiftly and shut down our network. We notified, and have been working with, the relevant law enforcement agencies and the ICO.”

In early September, Cyber Security Connect reported on the operating capabilities of the threat actors.

An analysis from cyber security company Sophos outlined that Conti is likely exploiting ProxyShell — a collection of vulnerabilities for Microsoft Exchange servers, which enables an actor to bypass authentication and execute code as a privileged user.

Conti attackers are reportedly gaining access to the target's network and setting up a remote web shell in under one minute, then installing a second, backup web shell just three minutes later.

“Within 30 minutes they had generated a complete list of the network's computers, domain controllers, and domain administrators,” Sophos noted.

“Just four hours later, the Conti attackers had obtained the credentials of domain administrator accounts and began executing commands.”
