
Novel ransomware group attacks US telco WideOpenWest


Illustration: JMiks | Shutterstock

A new ransomware gang called Arkana Security claims to have attacked US telecom provider WideOpenWest (WOW!). The cybercriminals claim to have stolen customer data and taken control of critical systems on the company’s network.

The breach was first discovered by vx-underground, which claims that Arkana accessed over 403,000 customer accounts and took control of systems like AppianCloud and Symphonica. The data includes usernames, passwords, security questions, and service package details. The group even posted a video demonstrating their access to the systems.

Security firm SOCRadar did a technical analysis of the breach and found that the ransomware group specialises in exploiting vulnerabilities in corporate systems. The group also seems financially motivated, as its focus is clearly on extortion using any data it can get its hands on.

According to the group’s Tor website, its operations run on a three-phase model: the group first demands a ransom; if the ransom isn’t paid, it tries to sell the data; and if that fails, it releases the data to the public. The group hasn’t been assigned any concrete affiliations yet, but SOCRadar’s report claims the language used on its website and the video shared by vx-underground suggest the group originated in Russia or is affiliated with a Russian state-sponsored threat actor.

Arkana Security’s dark web website. | Source: SOCRadar

WideOpenWest seems to be Arkana’s first victim, as no other compromised companies are listed on its website. What’s more worrying is the ransomware group’s alleged unrestricted access to the firm’s Symphonica system, which they claim can be used to spread malware onto customer devices.

WOW! hasn’t officially confirmed the breach. SOCRadar’s report claims it could cause “significant reputational damage and potential legal regulatory repercussions.” Exposing sensitive customer data undermines trust in the company, not to mention the heavy financial investments required to fix the breach and upgrade security systems.


Yadullah Abidi


Yadullah is a Computer Science graduate who writes/edits/shoots/codes all things cybersecurity, gaming, and tech hardware. When he's not, he streams himself racing virtual cars. He's been writing and reporting on tech and cybersecurity with websites like Candid.Technology and MakeUseOf since 2018. You can contact him here: yadullahabidi@pm.me.
