CompuCom

The servers of CompuCom were affected by a DarkSide ransomware attack.

The attackers gained the access to administrative credentials and initiated the attack by installing Cobalt Strike beacons on several systems.

The DarkSide ransomware group members accessed the company's unencrypted files before encrypting the devices.

Source: https://www.crn.com/news/security/compucom-hit-by-darkside-ransomware-tells-customers-report?itc=refresh

TPRM report: https://www.rankiteo.com/company/compucom

"id": "com23274322",
"linkid": "compucom",
"type": "Ransomware",
"date": "6/2017",
"severity": "90",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'industry': 'Technology',
                        'name': 'CompuCom',
                        'type': 'Company'}],
 'attack_vector': 'Credential Theft',
 'data_breach': {'data_exfiltration': True},
 'description': 'The servers of CompuCom were affected by a DarkSide '
                'ransomware attack. The attackers gained access to '
                'administrative credentials and initiated the attack by '
                'installing Cobalt Strike beacons on several systems. The '
                "DarkSide ransomware group members accessed the company's "
                'unencrypted files before encrypting the devices.',
 'impact': {'data_compromised': True, 'systems_affected': True},
 'initial_access_broker': {'entry_point': 'Administrative Credentials'},
 'motivation': 'Financial Gain',
 'ransomware': {'data_encryption': True,
                'data_exfiltration': True,
                'ransomware_strain': 'DarkSide'},
 'threat_actor': 'DarkSide Ransomware Group',
 'title': 'CompuCom DarkSide Ransomware Attack',
 'type': 'Ransomware'}