defi SOLUTIONS calls out ‘bluff’ of recent hacker threats
Technology experts at defi SOLUTIONS are calling out the “bluff” of fraudsters.
On Monday, the provider of originations, servicing, and managed servicing software and services announced an unsuccessful hacking and extortion attempt by a known cybercriminal group.
According to a news release, the group, which according to the Cybersecurity Advisory (CSA) has targeted organizations in multiple U.S. critical infrastructure sectors since June 2022, contacted defi through emails and phone numbers from the company’s public-facing website and threatened to inform defi partners (also published on the company’s public-facing website), regulators, and others of the intrusion and to disseminate what they referred to as confidential information.
Over a month prior to the group’s contact, during a contemporaneous review of access logs, defi had discovered unauthorized access to legacy infrastructure that was in the process of being decommissioned and completely network segmented from all other defi commercial systems.
The company said that access resulted in the retrieval of certain legacy product documentation and possibly some other dated internal defi documents.
Executives said they took “immediate” steps to cut off unauthorized access and to further isolate the compromised infrastructure.
The company insisted no sensitive defi information, client information, or consumer information was accessed. Given the limited nature of the accessed information, defi did not provide public notice of this intrusion.
Robert Olen, vice president of information security at defi SOLUTIONS, said the hackers have since followed through on threats and have begun contacting certain organizations, falsely claiming to have confidential information.
“This is nothing more than a bluff,” Olen said in the news release. “From what we see, there is no threat to defi, its employees, customers, partners or any consumers.”