The Apache Software Foundation disputes claims that its OpenOffice project suffered an Akira ransomware attack, after the threat actors claimed to have stolen 23 GB of corporate documents.
Apache OpenOffice is a free, open-source office suite that includes word processing, spreadsheets, presentations, graphics, and database tools. It's compatible with major file formats, such as Word and Excel, and runs on multiple operating systems.
On October 30th, the Akira ransomware gang claimed it had breached Apache OpenOffice and stolen 23 GB of data, including employee and financial information, as well as internal files.
"We will upload 23gb of corporate documents soon. Employee information (addresses, phones, DOB, driver licenses, social security cards, credit cards information and so on), financial information, internal confidential files, lots of reports about their problems with the application and so on," reads an entry for Apache OpenOffice on the Akira data leak site.
Apache OpenOffice entry on Akira's data leak site
Source: BleepingComputer
However, the Apache Software Foundation has no idea what the ransomware gang is referring to, as it says it does not possess the types of data claimed to have been stolen.
"The Apache Software Foundation takes security of our projects' software very seriously, and we are currently investigating this claim. There has been no reported ransom demand to the Foundation orthe Apache OpenOffice project at this time." the Apache Software Foundation told BleepingComputer.
"Since Apache OpenOffice is an open source software project, none of our contributors are paid employees for the project or the foundation, so we don't even possess the set of data described in the claim."
"Therefore, we do not believe this claim is directed at the ASF's or Apache OpenOffice project's infrastructure itself. And, because OpenOffice is developed in an open and transparent manner on our developer mailing lists, all concerns about bugs and feature requests are already public."
... continue reading