• Hi there and welcome to PC Help Forum (PCHF), a more effective way to get the Tech Support you need!
    We have Experts in all areas of Tech, including Malware Removal, Crash Fixing and BSOD's , Microsoft Windows, Computer DIY and PC Hardware, Networking, Gaming, Tablets and iPads, General and Specific Software Support and so much more.

    Why not Click Here To Sign Up and start enjoying great FREE Tech Support.

    This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Honda may have been hit by a ransomware attack


PCHF Tech News
Jan 10, 2015
Honda is reportedly the latest company to fall victim to the SNAKE ransomware which has affected its computer networks in Europe and Japan following a cyberattack.

At the moment, details are still unclear regarding the incident but the company has begun an investigation concerning the recently detected problems with its network. In a statement to BleepingComputer, a Honda spokesperson confirmed that its IT network is not functioning properly, saying:

“Honda can confirm that there is an issue with its IT network. This is currently under investigation, to understand the cause. In Europe, we are investigating to understand the nature of any impact”

Thankfully though, the issues have not affected Honda's production in Japan or its dealerships. The company spokesperson also said that Honda customers have not been impacted by the issues with its IT network.

SNAKE ransomware

Although Honda is still investigating the incident and the company has yet to provide any substantial details on what happened, a security researcher named Milkream has discovered that a sample of the SNAKE ransomware was submitted to VirusTotal which checks for Honda's internal network name of “mds.honda.com”.

During its analysis of the sample, BleepingComputer discovered that the ransomware would start and exit immediately without encrypting any files. The researcher explained to the news outlet that this is because the ransomware tries to resolve the domain of Honda's internal network and when it fails to do so, it terminates without encrypting any files.

It is still unclear as to how many of the Japanese auto maker's systems are affected but SNAKE is known to steal a victim's data before deploying its encryption routine.

Privacy advocate at Comparitech, Paul Bischoff provided more details on how Honda may have been infected with the SNAKE ransomware, saying:

“Based on the limited information Honda has released about the attack, this looks like the result of ransomware. Given that many operations are shut down, but no data was stolen, ransomware is the most obvious culprit. Attackers might have tricked a Honda employee into clicking a link that downloaded a ransomware-infected file, for example. If Honda has proper backup systems in place, it should be able to mitigate the effect of the attack and resume operations with minimal downtime. Honda is a huge company, though, so any downtime incurs large losses even if the company chooses not to pay the ransom.”

Via BleepingComputer


Continue reading...