Malwarebytes
Malwarebytes' security systems faced an attack by the RansomHub ransomware gang, which leveraged Kaspersky's TDSSKiller tool to disable endpoint detection and response (EDR) services. This tactic, directed at the Malwarebytes Anti-Malware Service, was part of the attackers' strategy to undermine defense mechanisms and facilitate ransomware deployment. The attackers also used the LaZagne tool to extract, and likely exfiltrate, credentials. The extent of the breach has not been publicized, but the use of legitimate tools allowed the attackers to bypass security measures, which indicates a sophisticated approach and underscores the challenges organizations face in protecting against such activities by ransomware operators.
Source: https://securityaffairs.com/168296/malware/ransomhub-ransomware-tdskiller-disable-edr.html
"id": "mal000091224",
"linkid": "malwarebytes",
"type": "Ransomware",
"date": "9/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"