When you experience a breach, time is crucial. Our 24/7 Security Operations Center responds immediately with precision to eliminate the threat and restore operations.
ShadowSpear® is an unparalleled resource that defends your organizations against advanced cyber threats and attacks 24/7/365.
Your organization has cybersecurity weaknesses and vulnerabilities you don’t yet even know about. They need to be found and found immediately. If you don’t someone else will.
According to BleepingComputer, Canadian Discount Car and Truck Rentals has been hit with a DarkSide ransomware attack where the hackers claim to have stolen 120GB of data. Discount Car and Truck Rentals is a leading Canadian car and truck rental company with 300 locations throughout Canada. Enterprise Holdings’ Canadian subsidiary acquired the company in 2020. This month, the car rental company suffered a cyberattack by the DarkSide ransomware gang that disrupted the company’s online rental services at discountcar.com.
“Discount Car and Truck Rentals was subject to a ransomware attack that impacted the Discount headquarters office. A fully dedicated team isolated and contained the attack quickly. The team is working to investigate and restore service as quickly and safely as possible,” Discount Car and Truck Rentals confirmed in a statement to BleepingComputer. While the company restores services, visitors who try to book or manage a rental online are greeted with a message stating that the website is down due to technical issues and to call the listed number for assistance. DarkSide recently listed the company on their ransomware data leak site where they claim to have stolen 120 GB of unencrypted data, including finance, marketing, banking, account, and franchisee data. As proof of this data theft, DarkSide posted numerous pictures of alleged Discount Car and Truck Rentals folder listings.
In August of last year, SpearTip covered DarkSide and its similarities to the REvil ransomware group. DarkSide ransomware operators try to elevate privileges to gain access to administrative rights across a network. In order for DarkSide to avoid former Soviet countries, a locale check is performed to ensure they attack only English-speaking countries. The threat actors then create a log file called ‘LOG.{userid}.TXT’ which is used for the ransomware execution process. SpearTip’s ShadowSpear® Platform defends against attacks from groups like DarkSide by blocking the log file from executing.
SpearTip’s cyber experts continuously monitor environments 24/7 in our US-based Security Operations Center. Our certified engineers work in unison with our proprietary endpoint detection and response tool, ShadowSpear®. This allows your organization to have direct communication with our engineers at any moment and a completely transparent view of your risk profile.
If you are experiencing a breach, please call our Security Operations Center at 833.997.7327.
Identify, neutralize, and counter cyberattacks - provide confidence in your security posture
24/7 Breach Response: US/CAN: 833.997.7327
Main Office: 800.236.6550
1714 Deer Tracks Trail, Suite 150
St. Louis, MO 63131
©2024 SpearTip, LLC. All rights reserved.