Oracle Says Known Vulnerabilities Possibly Exploited in Recent Extortion Attacks

Oracle has confirmed that some of its customers have received extortion emails and the software giant’s investigation indicates that the attackers may have exploited known vulnerabilities.

Google Threat Intelligence Group (GTIG) and Mandiant revealed this week that executives at many organizations using Oracle’s E-Business Suite (EBS) enterprise resource planning product have received emails claiming the theft of sensitive information.

GTIG and Mandiant researchers have yet to confirm the hackers’ claims, but pointed out that the extortion emails claim to come from members of the notorious Cl0p cybercrime group, and the messages have been sent from compromised accounts previously linked to another cybercrime gang tracked as FIN11.

Contacted by SecurityWeek, Oracle representatives pointed to a blog post published on Thursday by Rob Duhart, the software giant’s chief security officer.

Duhart said the company is aware that some E-Business Suite customers have received extortion emails.

“Our ongoing investigation has ...