News The victims of the recently disclosed attacks on Centreon users were 15 organizations


Soldier

Essential
Joined
20.10.20
Messages
87
Reaction score
642
Points
83
Hackers attacked only users of the free version of Centreon, which ended support for five years ago.

According to the French software manufacturer Centreon, none of its paid customers were victims of the hacking campaign, which became known earlier this week.

Recall, according to a recent report by the French Information Systems Security Agency (Agence Nationale de la Sécurité des Systèmes d'information, ANSSI), from 2017 to 2020, the Sandworm APT group attacked organizations using Centreon's flagship product-the eponymous platform for monitoring IT resources. Russian-linked attackers hacked into the networks of organizations and installed malware to secretly collect information.

According to a new press release from Centreon, none of its major paid customers have fallen victim to the malicious operation Sandworm. Hackers attacked only organizations using the open source version of Centreon, distributed for free through the official website of the manufacturer.

In total, about 15 organizations became victims of the malicious campaign, and all of them used the outdated open source version of Centreon (v2.5.2), support for which ended five years ago. According to the manufacturer, the affected companies installed an outdated version of the platform "without respect for the security of servers and networks." Since the release of version 2.5.2 in November 2014, Centreon has released eight full-fledged versions of the product.

According to the information on the Centreon website, its clients include such large companies as Airbus, Agence France Press, Euronews, Orange, Lacoste, Sephora, ArcelorMittal, Total, SoftBank, Air France KLM, as well as French government agencies and city councils. However, as reported in the press release, none of them fell victim to the malicious campaign.
 
Top Bottom