Ukrainian software developer SoftServe suffered a ransomware attack on September 1st that may have led to the theft of customers’ source code. The attack occurred between 2 AM and 9 AM, according to an incident report found today by security researcher MalwareHunterTeam. The attackers exploited a DLL hijacking vulnerabilitie in the legitimate Rainmeter application to deploy their ransomware. The report also includes a. PowerShell script used to find files that were changed during the attack, indicating that the. attack occurred before 2 AM to 9 AM. The most significant consequences of the attack are the temporary loss of functionality of a part of the mail system and the halt of some of the auxiliary test environments.
Source: https://www.bleepingcomputer.com/news/security/softserve-hit-by-ransomware-windows-customization-tool-exploited/