Sonic Wall warned customers on Friday of a “imminent” ransomware attack targeting its Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life firmware version 8.x firmware.
Sonic Wall notified its customers to take immediate action, including unplugging from the network because there are no interim mitigating solutions in place,
Commenting on the development, Check Point Software Technologies’s Head of Customer Success and Regional Security Engineering Lead, India & SAARC, Prakash Bell, said “Earlier today, the network device company SonicWall have sent an urgent notice to its customers alerting of a ransomware campaign specifically targeting a specific model running an end-of-life (EOL) firmware,”
He added “With no temporary mitigation solutions in place, they have requested all customers to take immediate action, including disconnecting them from the network immediately,”
According to Bell, it is yet unknown which Ransomware group is involved.
This is another another example of hackers exploiting a weakness in specific SonicWall devices, and similar targeting has occurred with a few other vendors in the past.
Bell said “This is yet another stark reminder that customers who haven’t updated their devices or are using an End-Of-Life product not receiving updates, continue to remain significantly exposed,”
He added “This aligns with a recent trend of ransomware attacks and shows us again that the cybercrime actors behind these attacks are very agile, always looking for new tricks and techniques that will allow them to do their malicious deeds,”