Medusa ransomware group has misidentified its victim, claims HostAfrica, after the hacker group listed the company as a victim on its dark web portal.
On May 13, the Medusa Ransomware Group claimed the HostAfrica cyber attack adding that they had successfully hacked into the systems of the company, asserting their possession of sensitive data and issuing a threat to release it to the public within seven days.
However, the company has denied being a victim of the cyber attack and explained that the threat actor had mistakenly confused two distinct entities—HostAfrica and privately-owned African telecommunications company.
Company Busts HostAfrica Cyber Attack Claim by hackers
Responding to a query by The Cyber Express, HostAfrica refuted the hacker’s claim of a cyber attack, confirming that the data did not belong to the company.
Upon analyzing the data, HostAfrica shared some insights with TCE, and concluded that the ransomware gang has shared the wrong information, and they had not attacked HostAfrica.
On Saturday, 13 May 2023, the ransomware group known as Medusa claimed to have targeted HOSTAFRICA as their latest victim of ransomware attacks,” read the company’s official response to the security incident.
“However, upon inspecting the dataset displayed on their website, it became evident that the data in question does not belong to us but rather to another firm.”
“The file structure and naming convention of the dataset align with the other company’s control panel on the domain ‘cloudhostafrica.com,’ which bears similarity to our brand’s domain names, ‘hostafrica.com’ and ‘cloud.co.za,’.”
Commenting on the data posted by the hacker group, the company stated that it was clear that the ransomware group had “mistakenly attributed their hack to HOSTAFRICA.
While we don’t take delight in the news of another company being a victim of cybercriminals, we want to assure our clients that we take our security very seriously and we want to encourage our clients to take the time to put their own cybersecurity and disaster recovery measures in place,” the response added.
African telecommunications services Seacom confirms cyber attack
Parallel to this incident, Seacom, an African telecommunications, and managed services provider, had disclosed a cyber security incident earlier this May.
In a statement, the company confirmed that the incident, which occurred the previous day, had been limited to its hosting environment. Only a small number of customers were affected.
The firm also assured its managed services, corporate, and wholesale customers that no compromise had occurred concerning their data.
The impact of the incident was confined solely to a small server environment, leaving the core network and business and wholesale connectivity services unaffected and stable.
Underscoring the paramount importance of customer and data security, it emphasized its proactive monitoring of all network systems to mitigate potential threats and respond promptly to future incidents.
In light of the recent event, the company’s IT and security teams have diligently implemented their business continuity plan to ensure a resilient and secure environment.
Cybercriminals and False Claims
There have often been incidents where infamous cybercriminals have made false claims of massive cyber attacks on big companies, which later have been refuted.
Interestingly, Lapsus$, LockBit and other notorious cybercriminals have been “caught red-handed” for fake cyber attack, as highlighted in a 2022 report.
This, the report states, is done with multiple intentions, which include gaining attention, free publicity, disinformation campaign to create pressure on the company or just to simply stay in the limelight.
In August 2022, Clop ransomware group claimed to have hacked Thames Water, one of the largest utility companies in the UK serving over 15 million customers.
Later, it turned out that the victim was actually South Staffordshire PLC, the parent company of South Staffs Water and Cambridge Water, suggesting that the misidentification was intentional to gain attention for the group.
