"HelloKitty Ransomware Is Targeting Vulnerable SonicWall Devices"
The U.S. Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) warns of the exploitation of a known vulnerability in SonicWall Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products with end-of-life (EOL) firmware as part of targeted ransomware campaign. CISA urges users and administrators to either upgrade their devices to the latest firmware or disconnect all EOL appliances as soon as possible. The cybersecurity firm CrowdStrike confirmed that HelloKitty is one of the groups behind the ongoing ransomware attacks. HelloKitty is a human-operated ransomware operation that has been active since November 2020. This ransomware group is known for attacking the Polish video game company CD Projekt Red and claiming to have stolen source code for Cyberpunk 2077, Witcher 3, and other games. This article continues to discuss the targeting of a known and previously patched vulnerability contained by EOL SonicWall SMA and SRA products in an ongoing ransomware campaign, the HelloKitty ransomware group said to be among the multiple threat actors behind the campaign, and other threat groups that have targeted vulnerabilities in SonicWall devices to launch ransomware attacks.
Bleeping Computer reports "HelloKitty Ransomware Is Targeting Vulnerable SonicWall Devices"