Cuba Ransomware Group Exploits Veeam Vulnerability to Target Critical Infrastructure

The Cuba ransomware group has attacked a critical infrastructure organization in the U.S. via a vulnerability in Veeam

The group used malicious tools from previous campaigns, as well as a new exploit for the Veeam vulnerability CVE-2023-27532

The vulnerability allows an attacker to access credentials stored in the configuration file on victim devices

The Cuba ransomware group has compromised more than 100 organizations globally and demanded more than $145 million in ransom

The group has also attacked an IT integrator in Latin America in June

The group's most recent campaign targeted organizations in the U.S., Mexico, Guatemala, Honduras, El Salvador, the Dominican Republic, Costa Rica, Panama, Colombia, Ecuador and Chile

The Cuba ransomware group is financially motivated and continues to target entities in crucial sectors such as critical infrastructure

Sectrio's global threat report

To learn more about cyber attacks around the world, explore Sectrio's global threat report.