It took more than two months.
After the hacking at the end of June of the French insurance brokerage company Assu 2000, a group of hackers has just claimed responsibility for this attack, via a rather intimidating process.
The hackers of the Conti group have just published on their blog on the "Dark Web", a galaxy of underground networks used by millions of people, part of its loot in an attempt to sell the insurer who refused to give up in the face of pirates.
If officially, the French group founded in 1975, the 9th largest broker in France, had mentioned a "technical concern", as explained by MagIt.
There is now no doubt that the "concern" was in fact a theft suffered by the company.
The #Conti ransomware hackers claim their June attack on Assu 2000 and post some of their loot on their DarkWeb blog to put pressure on the insurer that resists them.
pic.twitter.com/MrknrgjD9S
- Damien Licata Caruso (@DamienLicata) September 12, 2021
Moreover, our colleagues, who had been able to obtain an internal letter addressed to the employees of Assu 2000, showed that Jacques Bouthier, president of the group, confirmed "a computer attack on the night of June 29".
The group, which claims nearly 550,000 customers, then decided to "temporarily suspend [its] IT activities to deal with breakdowns (...) caused" by the cyberattack.
A very active group of hackers
An investigation with experts in this field and the authorities had been opened, in collaboration with the CNIL, the Central Office for the Fight against Crime related to Information and Communication Technologies and the judicial police.
In a recent report, Digital Shadows reported 740 ransomware victims in the second quarter of 2021. A 47% increase between the first quarter of the year and the second.
Read also Gangs, extortion and ransomware ... Investigation into highly organized hackers
The researchers also note “that the Conti hacker group is the most active in terms of victims.
These cybercriminals work with the Ryuk malware, which is now well known to the relevant authorities.
It is malicious software that has targeted many organizations in critical industries, including emergency services ”.
Thus, in February, the Villefranche-sur-Saône hospital fell victim to this malicious software.
Appeared at the end of 2019, the phenomenon of cyber attacks by ransomware has gained momentum in 2020, aided by teleworking and the proliferation of groups of cybercriminals attracted by the financial windfall of data blackmail. In France, in 2020, one in five companies said they had suffered at least one ransomware attack, according to the recent barometer of the Club of Information and Digital Security Experts (CESIN).