French IT services company Sopra Steria confirmed today that they were hit with a Ryuk Ransomware attack. The company had previously been infected with either TrickBot or Bazar loader. Both malware infections are created by the same hacking group and provide remote access to the threat actors behind the attack. This access allows the attackers to compromise a network further and ultimately deploy the ransomware throughout the company’s devices. The attack was only launched a few days before it was detected, according to a statement sent to BleepingComputer.
Source: https://www.bleepingcomputer.com/news/security/sopra-steria-confirms-being-hit-by-ryuk-ransomware-attack/