Xerox Cyberattack by Incransom : on December 30, 2023, Xerox Corp, a global leader in document management solutions, was reportedly the victim of a significant cyberattack. Identified by the security group “incransom,” this attack underscores the security risks increasingly faced by major technology companies. With a specific detection hash, this intrusion into Xerox’s systems in the United States marks a serious incident in the field of cybersecurity.
Xerox, known for its high-end printers and copiers, was targeted in the United States, according to the report. Although the specific details of the attack remain unknown, the detection hash indicates a potentially serious breach. The Proof Pack includes AT&T invoices, contracts. However, at the time of writing this article, Incransom has made its leak disappear.
This attack against Xerox highlights the growing vulnerabilities that large technology companies face. As the world becomes increasingly reliant on digital technology, the issue of data security and IT infrastructure becomes paramount.
Companies, both large and small, must be aware of the importance of strengthening their defenses against such attacks. The cyberattack against Xerox serves as a severe warning: no player in the technology sector is immune to the growing threats in cyberspace.
Xerox Cyberattack by Incransom
Incransom is a ransomware operation that emerged in July 2023. Operators present themselves as a service to their victims, offering to pay the ransom to “save their reputation.” They threaten to reveal their methods to make the victim’s environment ‘more secure.’
Targeting various sectors, including health and technology, Incransom steals data and threatens to disclose it if demands are not met. It uses various access methods, including phishing and exploiting vulnerabilities.
The payloads support multiple command-line arguments for targeting and encrypting data. Ransom notes are written in each encrypted folder, and the ransomware also attempts to delete volume shadow copies. To detect it, a multi-layered approach is required, including anti-malware tools, network traffic monitoring, regular security audits, employee training, and a robust backup plan.
To mitigate risks, it is recommended to educate employees, implement strong passwords, enable multi-factor authentication, update and patch systems, and establish backup and recovery processes in case of disaster.
To complement the article on Xerox’s attack by Incransom, it’s important to mention another significant case: that of Guardian Alarm, which occurred on November 15, 2023. Guardian Alarm, specializing in alarm and security systems, was the victim of a major attack by Incransom, resulting in the leak of over 150 GB of data. Most alarming is that the disclosed “Proof Pack” contained detailed plans of an ALBI supermarket’s premises, including the layout of their anti-intrusion system.
This breach underscores the predatory and indiscriminate nature of Incransom’s attacks, targeting not only large technology companies but also those in sensitive sectors like security. The leak of such critical information as the security plans of a supermarket poses a major risk, not only to the concerned company but also to public safety.
Source : https://securityaffairs.com/156679/cyber-crime/inc-ransom-ransomware-xerox-corp.html
