The Olympus Company logo is lit up at night – Photo: Getty Images
“When we detect suspicious activity, we immediately mobilize a dedicated response team including digital forensic experts and are giving the highest priority to solving this issue. To serve the investigation. , we have halted the transfer of data in the affected systems and have notified the relevant partners,” Olympus said in a statement.
However, according to the site’s own source TechCrunch, Olympus is in the process of dealing with the aftermath of a ransomware attack that happened to them from dawn on September 8.
A source shared details about the incident before Olympus’s announcement reconfirmed this incident on September 12.
Accordingly, in the notice left on the compromised computers, the attacking hacker group called themselves the BlackMatter group.
“Your network has been encrypted and is no longer active – the message read – If you pay, we will provide programs to decrypt.”
The extortion notice also includes a website address that leads to a website accessible only with the Tor Browser used by the BlackMatter team to contact their victims.
Brett Callow, an expert in ransomware and risk analysis at security firm Emsisoft, believes that the website address left in the attack group’s notice is related to the BlackMatter group.
BlackMatter is a group of blackmail hackers born after many similar extortion organizations such as Darkside and REvil. The Emsisoft expert said he discovered technical connections as well as code overlaps between the Darkside and BlackMatter teams.
Olympus is a major manufacturer of optical and imaging equipment based in Japan, best known for products such as microscopes, binoculars and especially cameras and lenses.