SNAI: down the online sports betting system, hacker attack
Now it's official: the snai.it site was attacked by a Ransomware-type hacker group.
The official press release was sent to SuspectFile by Snaitech's Press Office at 17:25 today 28 December 2020.
The press release speaks of "a cyber attack by unknown persons which caused, starting from last December 27, the malfunctioning of the snai.it site and of the gaming apps".
As we had foreseen both for the preventive modalities of the offline putting of the site by the IT technicians, and for the prolongation of the failure to restore the betting site quickly, it suggested a targeted attack by hackers.
According to the press release, the game accounts and sensitive user data were not affected by the intrusion, " Users are therefore reassured about their accounts - continues the press release - that they will not undergo any changes or lost".
It is hoped that even this case, as I have already had the opportunity to write in this article, does not retrace the false line of what happened in the recent past to other companies affected by Ransomware-type attacks, where they have seen their data published exfiltrated between the pages of sites created ad hoc by Ransomware hacker groups such as NetWalker, DoppelPaymer, Sodinokibi or others.
For hackers, the steps are always the same: intrusion> data theft> encryption of newly stolen data on servers> ransom note.
After the first ransom request, a few days pass which serve for a possible bargaining to try to bring down the requested amount. If the person who received the ransom has no intention of paying, the first batch of data is published: generally a very small part. At the expiry of the ultimatum, if the affected company does not pay the ransom, the rest of the data stolen during the cyber attack is published.
I hope that what was released by the Press Office is true, but hardly a hacker group when it carries out a cyber attack leaves the IT systems without having anything "in their hands". I believe instead that, in the event Snaitech decides not to pay the ransom, we will see the first data among the Tor networks very soon.
The official press release was sent to SuspectFile by Snaitech's Press Office at 17:25 today 28 December 2020.
The press release speaks of "a cyber attack by unknown persons which caused, starting from last December 27, the malfunctioning of the snai.it site and of the gaming apps".
As we had foreseen both for the preventive modalities of the offline putting of the site by the IT technicians, and for the prolongation of the failure to restore the betting site quickly, it suggested a targeted attack by hackers.
According to the press release, the game accounts and sensitive user data were not affected by the intrusion, " Users are therefore reassured about their accounts - continues the press release - that they will not undergo any changes or lost".
It is hoped that even this case, as I have already had the opportunity to write in this article, does not retrace the false line of what happened in the recent past to other companies affected by Ransomware-type attacks, where they have seen their data published exfiltrated between the pages of sites created ad hoc by Ransomware hacker groups such as NetWalker, DoppelPaymer, Sodinokibi or others.
For hackers, the steps are always the same: intrusion> data theft> encryption of newly stolen data on servers> ransom note.
After the first ransom request, a few days pass which serve for a possible bargaining to try to bring down the requested amount. If the person who received the ransom has no intention of paying, the first batch of data is published: generally a very small part. At the expiry of the ultimatum, if the affected company does not pay the ransom, the rest of the data stolen during the cyber attack is published.
I hope that what was released by the Press Office is true, but hardly a hacker group when it carries out a cyber attack leaves the IT systems without having anything "in their hands". I believe instead that, in the event Snaitech decides not to pay the ransom, we will see the first data among the Tor networks very soon.
