Hackers Launch Extortion Campaign Targeting Oracle E-Business Suite Customers

A significant number of organizations have received extortion emails from hackers who claim to have stolen sensitive information from their Oracle E-Business Suite instances, Google’s Threat Intelligence Group and Mandiant unit warn.

Oracle E-Business Suite (EBS) is a suite of integrated business applications used by large organizations to automate and manage business processes. Oracle says thousands of organizations around the world use this enterprise resource planning (ERP) system.

According to Google Threat Intelligence Group (GTIG) and Mandiant, the malicious activity allegedly targeting Oracle EBS appears to have started on or around September 29. The attackers have sent extortion emails to executives at “numerous” companies, claiming to be affiliated with the notorious Cl0p cybercrime group.

GTIG and Mandiant researchers have described the attacks as a high-volume email campaign leveraging hundreds of compromised accounts, including ones previously linked to a profit-driven threat group named FIN11. This long-running cybercrime gang is known ...