A ransomware attack was launched against the Stuttgart-based cloud service company United Hoster. The hosted exchange is consequently unavailable.
An internal investigation revealed that an attacker had used a previously undiscovered Microsoft Exchange vulnerability to gain access to the Exchange Server.
Ransomware was installed on the server during this unauthorized access, leading to the host's comprehensive encryption.
The corporation views the absence of a ransom demand as additional proof that no data has been compromised.
Source: https://www.heise.de/news/Ransomware-Attacke-Hosted-Exchange-von-United-Hoster-offline-9064768.html
TPRM report: https://scoringcyber.rankiteo.com/company/united-hoster-gmbh
"id": "uni85729723",
"linkid": "united-hoster-gmbh",
"type": "Ransomware",
"date": "05/2023",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Cloud Services',
'location': 'Stuttgart',
'name': 'United Hoster',
'type': 'Cloud Service Company'}],
'attack_vector': 'Exploitation of Microsoft Exchange vulnerability',
'description': 'A ransomware attack was launched against the Stuttgart-based '
'cloud service company United Hoster. The hosted exchange is '
'consequently unavailable. An internal investigation revealed '
'that an attacker had used a previously undiscovered Microsoft '
'Exchange vulnerability to gain access to the Exchange Server. '
'Ransomware was installed on the server during this '
"unauthorized access, leading to the host's comprehensive "
'encryption. The corporation views the absence of a ransom '
'demand as additional proof that no data has been compromised.',
'impact': {'data_compromised': 'No', 'systems_affected': 'Exchange Server'},
'initial_access_broker': {'entry_point': 'Microsoft Exchange vulnerability'},
'post_incident_analysis': {'root_causes': 'Previously undiscovered Microsoft '
'Exchange vulnerability'},
'ransomware': {'data_encryption': 'Yes', 'ransom_demanded': 'No'},
'title': 'Ransomware Attack on United Hoster',
'type': 'Ransomware',
'vulnerability_exploited': 'Microsoft Exchange vulnerability'}