Tech »  Topic »  Ransomware Gang Exploits Old Fortinet VPN Flaw

Ransomware Gang Exploits Old Fortinet VPN Flaw


Kaspersky: Cring Group Targeting European Organizations Akshaya Asokan (asokan_akshaya) • April 8, 2021

The attack workflow starts by exploiting an old Fortigate VPN server flaw. (Source: Kaspersky)

The gang behind ransomware dubbed "Cring," which has waged a series of attacks this year, is exploiting a Fortinet VPN server vulnerability that the company patched in 2019, according to a report from the security firm Kaspersky that analyzes one attack in Europe.

See Also: Live Webinar | Attacks on Cloud Infrastructure

The researchers report that the ongoing campaign, which began in January, exploits the Fortigate VPN server flaw tracked as CVE-2018-13379 to gain initial access. Once in the victim's environment, the attackers encrypt data and then demand a ransom of two bitcoins ($113,768) for decrypting the files.

Kaspersky researchers investigated a successful Cring intrusion at a manufacturing organization in Europe. The attack resulted in a temporary shutdown of the industrial process due ...


Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE