2023-04-18 02:32:47
After being the subject of a series of ransomware attacks , NCR’s Aloha POS platform is no longer available due to the incident. The BlackCat/ALPHV gang claimed responsibility for the attack.
NCR is an American software and technology consulting company that specializes in providing restaurants, businesses, and retailers with solutions for digital banking, point-of-sale (POS) systems, and payment processing.
Since Wednesday, one of its products, the Aloha POS platform, which is used in hospitality services, has been experiencing an outage and as a result, customers are unable to use the system. On April 12, NCR disclosed to the public for the first time that it was investigating an “issue” with Aloha Restaurant’s point-of-sale (PoS) device. An outage that occurred at a single data center on April 15 caused the company to report that a small number of Aloha helper applications used by a fraction of its hospitality customers were among those affected.
“On April 13, we were able to establish that the outage was caused by a ransomware incident. As soon as we became aware of this turn of events, we immediately began notifying consumers, enlisting the assistance of third-party cybersecurity experts, and launched an investigation. In addition, the forces of order have been alerted, said the NCR.
The firm has been trying to restore the affected services, but in the meantime, they have said that the affected restaurants should still be able to serve their guests; the only capacity that has been interrupted is particular.
The ransomware gang known as BlackCat, Alphv and Noberus claimed responsibility for the attack on their Tor-based jailbreak website; however, the hackers removed the article almost immediately after it was published. At the very least, BlackCat ransomware has been around since November 2021, and the leak website for this malware now lists more than 300 victims. The organization has been documented to go after manufacturing companies. The term “BlackCat” was given to the ransomware group because the data breach site they used included an image of a black cat. On the other hand, threat actors refer to themselves as ALPHV when discussing their operation on hacker forums and when they are negotiating.
Since its inception, the ransomware operation has expanded to become one of the largest ransomware operations currently in operation. It is responsible for hundreds of attacks around the world, and its ransom demands range from $35,000 to more than $10 million.
In the since-deleted post, the hackers claimed they were approached by NCR personnel who were interested in finding out the nature of the data that was taken from their systems. The hackers said they did not acquire any actual NCR data, but they did collect “a lot of credentials” that can be used to gain access to NCR customer networks. The hackers also stated that they did not steal any data from NCR.
The BlackCat leak website appears to have removed a post naming NCR, which is a strong indication that discussions have begun and that the hackers are hoping to be compensated.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He has also worked for security companies such as Kaspersky Lab. His daily work includes investigating new malware and cybersecurity incidents. He also has a deep level of knowledge in mobile security and mobile vulnerabilities.
Send news tips to [email protected] or www.instagram.com/iicsorg/
You can also find us on Telegram www.t.me/noticiasciberseguridad
#NCR #company #hacked #ransomware #gang #negotiating