No: Volue ASA hit by Ryuk ransomware

Volue is Norwegian software company.  On May 5, they reportedly became a victim of a ransomware attack. In a statement on their site, they explained:

Volue ASA was today subject to a cyber-attack impacting operation in some of the company’s business areas. Mitigating actions were immediately implemented. Currently, there seems to be limited impact on front-end customer platforms.

“We have discovered a cyber-attack on Volue. We immediately deployed our cybersecurity task force and initiated mitigating actions. All affected applications were shut down, and backup solutions initiated as far as possible. We have been supported by our external data security partners to neutralise the attack, and relevant authorities are informed. Our customers have been informed on necessary actions to continue safe operations,” says Trond Straume, chief executive officer of Volue.

Since then, updates were posted on Notable details included:

  • The attack on Volue Technology (“Powel”) was caused by Ryuk.
  • The attack impacted some of Volue Technology’s front-end customer platforms.

A detailed update was provided on May 10. It says, in part:

We have made substantial progress over the weekend, both with the forensics investigations and the recovery
program, including the risk assessments for applications and towards our customers. The results strongly indicate that the incident occurred in the period from 4 May, 10 pm to 5 May, 10 am and followed a more or less “typical” RYUK ransomware attack pattern. The data we have suggests the attack was aimed at Volue infrastructure and networks and was not targeted at third parties or customers.

It’s important to note that we have found no evidence to suggest that any of our customers have been
compromised in this attack

Read the full May 10 update or check for more recent updates.

Reporting by Ch1mung0, editing by Dissent.

About the author: chum1ng0

Comments are closed.