Rackspace Ransomware Attack:
What You Need To Know

Summary Of The Attack

  • On December 2nd, Rackspace Technology noticed that users were experiencing issues while trying to access their Exchange environment; the cause turned out to be a ransomware attack.
  • There are still no indicators that any sensitive user data was stolen.
  • Security researchers state that the ransomware attack was made possible by an unpatched Exchange version in the cluster, which allowed the attackers to exploit the ProxyNotShell vulnerability.

What Happened?

On December 2, Rackspace Technology’s customers started experiencing issues while trying to log in to their Exchange environment. For Rackspace, that was indication enough to start investigating, and after an initial analysis the company confirmed that a security incident had occurred.

A few days later, Rackspace Technology stated that the issue at hand was actually ransomware, which was the reason for the outage that the users were experiencing.

The Rackspace Ransomware Attack Explained

Ransomware is a certain type of malware attack in which the attacker encrypts:

  • The dat