Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Security researchers observed hackers associated with the notorious locking gang, which exploited Fortinet Firewall’s sensitivity in several companies.
In A report broadcast last weekForescout researchers are a group of security researchers “Mora_001” Dubludi “Mora_001” sits on the edge of a company and act as a digital goalkeeper, place and place a special Firomware lever called “Superblack”.
One of the vulnerabilities followed as CVE-2024-5591Was exploited at Cyberattacks To break the corporate networks of Fortinet customers Since December 2024. CVE-2025-24722The attacks are also exploited by the MORA_001. Fortinet left patches for both mistakes in January.
Sai Molige, threatening Hanging General Manager in Forescout, Kiberecuritury said “We are investigating three incidents in various companies, but we believe that others will be others.”
In an approved interference, Forescout said he observes the “selected” encryption of the “selected” encryption with the striker’s sensitive information.
“Encryption was launched only after the latest trends among Ransomware operators that prioritize the information theft on pure events,” Molige said.
Forescout, Mora_001 threatening actor “Demonstrates a different operating signature” says the firm said that the company’s Lockbit Ransomware was “close relationships” Last year the US government is violated. Molige, Superblack Ransomware, Lockbit 3.0 is based on the leaking builder behind the malware, which is used by the MORA_001, includes the same messaging address used by the locking button.
“This contact can show that Mora_001 is a unique operating methods or combined group sharing with communication channels,” Molige said.
Stefan Hostets, Kibers-Cibritury Firm Head of Threatening Intelligence In Arctic Wolf The operation of CVE-2024-55591 was previously observedThe findings of TechCrunch’s findings say the hackers “followed the remaining organizations that tighten their fiery configurations when the sensitivity was first disclosed.
Hostets are similar to other groups of ransom notes used in these attacks, Now as Defunct AlphV / Blackcat Ransomware gang.
Fortinet did not answer TechCrunch’s questions.
