Ransomware claimed to impact Desysweb’s systems, encrypting data across multiple servers with more than 60,000 files, and threatening that recovery will become impossible after the countdown unless the company contacts the attackers via the instructions in a “recovery” file. The threat actor “nova” states they are ready to decrypt the files, referencing Desysweb’s telecommunications/IT services and ISO 27001:2022 posture. #unknown
Incident Details
Information
- Desysweb is a comprehensive technology solutions integrator specializing in telecommunications and IT services, with managed services and a Security Operation Center.
- With over 200 clients and more than 13 years of experience, the company provides personalized consulting, high-quality materials, and competitive pricing.
- It is ISO 27001:2022 certified, reflecting strong information security and data protection practices.
- The company operates nationally across eight provinces and delivers tailored projects with 24/7 customer support from certified engineers.
- The company’s systems are encrypted, with more than 60,000 files affected across multiple servers.
- A recovery file inside the encrypted systems provides contact channels for communication.
- If the countdown ends, the information will no longer be recoverable and the data will be lost.
- The attackers claim they are ready to decrypt each file and urge immediate contact.
Disclaimer: This post is based on public claims made by the ransomware group "nova". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.