IceFire Ransomware Targets Kod Hosting

Company Profile

Kod Hosting is a web hosting provider that offers a range of services, including DDR5 RAM servers, OwnCloud hosting, and SSL certificates. The company's website is http://kodhosting.com.

Vulnerabilities

IceFire ransomware targets Linux systems, exploiting vulnerabilities such as CVE-2022-47986, a critical remote code execution (RCE) vulnerability in the IBM Aspera with a CVSS rating of 9.8. The attackers use this vulnerability to deploy their payloads and encrypt the victims' Linux systems.

Impact

The IceFire ransomware attack on Kod Hosting has resulted in the encryption of files on the company's Linux systems, with the attackers demanding payment in exchange for the key to decrypt them. The attack has caused disruption to the company's operations and potentially put sensitive data at risk.

The IceFire ransomware attack on Kod Hosting underscores the growing trend of ransomware targeting Linux systems, which are increasingly being used in enterprise settings for critical tasks such as hosting databases, web servers, and other mission-critical applications. Companies operating in the Media & Internet sector, like Kod Hosting, should be aware of this trend and take appropriate measures to secure their Linux systems against ransomware attacks.

Sources

• IceFire Ransomware Portends a Broader Shift From Windows to Linux - Dark Reading
• IceFire ransomware now encrypts both Linux and Windows systems - Bleeping Computer
• IceFire Ransomware Attacks Both Windows and Linux Enterprise Networks - GBHackers