No customer code or data was involved in the observed activities.
Our investigation has found a single account had been compromised, granting limited access.
Our cybersecurity response teams quickly engaged to remediate the compromised account and prevent further activity.
DEV-0537 is known for using a pure extortion and destruction model without deploying ransomware payloads.
The hacking group is also known for hijacking individual user accounts at cryptocurrency exchanges to drain cryptocurrency holdings.
Unlike most activity groups that stay under the radar, DEV-0537 doesnt seem to cover its tracks.
Our team was already investigating the compromised account based on threat intelligence when the actor publicly disclosed their intrusion.
source: www.techworm.net
