Dragoon Security Group
- Aug 12, 2019
- 1 min read

New light on the iNSYNQ ransomware attack

It appears the cloud hosting provider of Quickbooks was initially infected through a phishing email received by a member of the sales department.

Attackers spent 10 days in the company’s infrastructure, spreading the malware to systems and data backup solution.

The firm’s Incident Response Plan allowed them to stop the spread of infections but not until half of their systems had been compromised, including their backup solution which has since been overhauled.

While most customers have been restored and operational, continued recovery efforts are ongoing.

#ransomware #insynq #cloud #quickbooks #phishing #sales #data #backups #accounting #bookkepping

Recent Posts

See All

Small Town But Not Too Small To Fail

After a chaotic summer of coordinated ransomware attacks against municipal governments, resulting in disruption of critical services to citizens, some refreshing news from Rhode Island of a small town

60 Minutes on Ransomware

While I’m glad this issue is gaining national attention, this piece was very defeatist. Companies wouldn’t accept a thief walking in and taking tens of thousands of dollars from the register. Yet beca

Record $2.5MM Ransom Demand for 23 Texas Local Governments

All impacted governments received outsourced IT support from the same provider. #ransomware #Texas #ITSP #MSP https://www.npr.org/2019/08/20/752695554/23-texas-towns-hit-with-ransomware-attack-in-new-

Post: Blog2_Post