A RedLine info-stealing campaign targets Russian businesses that use pirated corporate software to automate business processes. Attackers distribute a malicious version of the HPDxLIB activator on accounting forums, luring users into disabling security measures and replacing legitimate libraries with infected ones. The compromise leads to the theft of sensitive data, such as credentials and financial information, from businesses relying on these pirated solutions. This not only disrupts business operations but also poses a significant threat to the proprietors' privacy and the companies' financial integrity.
"id": "the000121024",
"linkid": "the-record-by-recorded-future",
"type": "Breach",
"date": "12/2024",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"