CyberSecurityBoard
Sponsor Register Login

HellCat hackers go on a worldwide Jira hacking spree

The Swiss company did not provide technical details about the breach but targeting the Jira ticketing system has become a common attack method for the HellCat hackers. Rey, a member of the HellCat hacking group, told BleepingComputer that they stole from Ascom source code for multiple products, details about various projects, invoices, confidential documents, and issues from the ticketing system. HellCat’s activity didn’t stop at these breaches as the threat actor announced today that they compromised the Jira system of Affinitiv, a marketing company that provides data analytics a platform for OEMs and dealerships in the automotive industry. Previous incidents claimed by HellCat and confirmed by the targeted companies count Schneider Electric, Telefónica, and Orange Group, and in all three instances the hackers breached their way in through Jira servers. Swiss global solutions provider Ascom has confirmed a cyberattack on its IT infrastructure as a hacker group known as Hellcat targets Jira servers worldwide using compromised credentials. Ascom says that the hackers compromised its technical ticketing system, the incident had no impact on the company’s business operations, and that customers and partners do not need to take any preventive action. The threat actor confirmed to BleepingComputer that they breached Affinitiv through a Jira system and disclosed publicly that they stole a database with a little over 470,000 “unique emails” and more than 780,000 records. The company announced in a press release that hackers on Sunday breached its technical ticketing system and is currently investigating the incident. HellCat hacking group claimed the attack and told BleepingComputer that they stole about 44GB of data that may impact all of the company’s divisions. Alon Gal, co-founder and CTO at threat intelligence company Hudson Rock, says the JLR breach follows a pattern specific to HellCat hackers. Recently, the same hackers also took responsibility for an attack on the British multinational car maker Jaguar Land Rover (JLR) and stole and leaked about 700 internal documents. Gal highlights that the compromised credentials were not fresh and had been exposed for several years but remained valid all this time, allowing hackers to take advantage. As credentials collected by infostealers are easy to find and given that some of them remain unchanged for years as companies fail to include them in a regular rotation process, such attacks will likely become more frequent.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Thu, 20 Mar 2025 13:45:22 +0000


Cyber News related to HellCat hackers go on a worldwide Jira hacking spree

HellCat hackers go on a worldwide Jira hacking spree - The Swiss company did not provide technical details about the breach but targeting the Jira ticketing system has become a common attack method for the HellCat hackers. Rey, a member of the HellCat hacking group, told BleepingComputer that they stole ...
3 weeks ago Bleepingcomputer.com
Hellcat Ransomware Group Hacked Ascom Technical Ticketing System - The attack represents the latest in a global hacking spree targeting Jira servers, with Hellcat employing their signature method of exploiting compromised credentials to gain unauthorized access to sensitive corporate infrastructure. Jira, a project ...
3 weeks ago Cybersecuritynews.com
Fixing a Major Security Issue in Jira Service Management Server and Data Center - This week, a major security vulnerability was fixed in Jira Service Management Server, a popular IT services management platform for enterprises. This vulnerability could have allowed attackers to impersonate users and gain access to access tokens. ...
2 years ago Csoonline.com CVE-2023-22501
Encouraging Ethical Hacking Skills in Students - This article delves into the significance of encouraging ethical hacking skills in students and the numerous benefits it offers to individuals and society as a whole. Possessing ethical hacking skills can provide students with a competitive advantage ...
1 year ago Securityzap.com
Hacker Conversations: Chris Evans, Hacker and CISO - Chris Evans is CISO and chief hacking officer at HackerOne. SecurityWeek's Hacker Conversations series seeks to understand the mind and motivations of hackers by talking to hackers. Evans challenges the common perception of both hackers and their ...
9 months ago Securityweek.com Silence
CVE-2021-41275 - spree_auth_devise is an open source library which provides authentication and authorization services for use with the Spree storefront framework by using an underlying Devise authentication framework. In affected versions spree_auth_devise is subject ...
2 years ago
Hellcat Ransomware Updated It’s Arsenal to Attack Government, Education, and Energy Sectors - Their analysis revealed that Hellcat has demonstrated remarkable ability to bypass traditional security controls through a multi-stage attack approach, employing reflective code loading techniques to execute malicious code directly in memory, ...
4 days ago Cybersecuritynews.com
CVE-2020-36239 - Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 ...
2 years ago
CVE-2020-26223 - Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status ...
4 years ago
Atlassian Alerts of Major Security Issue with Jira Service Management - This week, Atlassian warned of a critical-severity authentication vulnerability in Jira Service Management Server and Data Center that could allow malicious actors to impersonate Jira users. If an attacker has write access to a User Directory and ...
2 years ago Securityweek.com
Atlassian warns of 4 new critical vulnerabilities affecting Jira, Confluence, Bitbucket - Atlassian Jira, Confluence, Bitbucket and macOS Companion app users are warned to update their software immediately due to four critical vulnerabilities allowing for remote code execution. Atlassian, an Australian software company, has more than ...
1 year ago Packetstormsecurity.com CVE-2023-22518 CVE-2023-22522 CVE-2023-22523
Why Have Big Cybersecurity Hacks Surged in 2023? - Payments made to hackers who hold systems hostage for ransom increased by almost half through September, according to blockchain analytics firm Chainalysis Inc., totaling almost $500 million in payouts. In just the past few months, hackers have ...
1 year ago Bloomberg.com LockBit
How Hackers Interrupted GTA 5 Online Gameplay on PC - Recently, a cyber-attack on Grand Theft Auto 5 Online on PC caused an interruption to thousands of players’ gameplays. The game was completely taken offline and players couldn’t even access the main gameplay menu. The attack caused an uproar ...
2 years ago Hackread.com
Understanding Mobile Network Hacking: Risks, Methods, and Safeguarding Measures - In an era dominated by mobile connectivity, the security of mobile networks has become a critical concern. Mobile network hacking refers to unauthorized access and manipulation of mobile communication systems, posing significant risks to individuals ...
1 year ago Cybersecurity-insiders.com
North Korea's state hackers stole $3 billion in crypto since 2017 - North Korean-backed state hackers have stolen an estimated $3 billion in a long string of hacks targeting the cryptocurrency industry over the last six years since January 2017. Kimsuky, Lazarus Group, Andariel, and other North Korean hacking groups ...
1 year ago Bleepingcomputer.com Andariel Kimsuky Lazarus Group
CVE-2025-31487 - The XWiki JIRA extension provides various integration points between XWiki and JIRA (macros, UI, CKEditor plugin). If the JIRA macro is installed, any logged in XWiki user could edit his/her user profile wiki page and use that JIRA macro, specifying ...
1 week ago
Dutch hacker jailed for extortion, selling stolen data on RaidForums - A former Dutch cybersecurity professional was sentenced to four years in prison after being found guilty of hacking and blackmailing more than a dozen companies in the Netherlands and worldwide. The suspect, a 21-year-old man from Zandvoort named ...
1 year ago Bleepingcomputer.com
Microsoft: Hackers target defense firms with new FalseFont malware - Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. The DIB sector targeted in these attacks comprises over 100,000 defense companies and ...
1 year ago Bleepingcomputer.com APT3 APT33
Russian hackers stole Microsoft corporate emails in month-long breach - Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard. The company detected the attack on January 12th, with Microsoft initiating its ...
1 year ago Bleepingcomputer.com APT29
Russian hackers stole Microsoft corporate emails in month-long breach - Microsoft disclosed Friday night that some of its corporate email accounts were breached and data stolen by the Russian state-sponsored hacking group Midnight Blizzard. The company detected the attack on January 12th, with Microsoft initiating its ...
1 year ago Bleepingcomputer.com APT29
Syrian Threat Group Peddles Destructive SilverRAT - The group behind a sophisticated remote access Trojan, SilverRAT, has links to both Turkey and Syria and plans to release an updated version of the tool to allow control over compromised Windows systems and Android devices. According to a threat ...
1 year ago Darkreading.com LAPSUS$
Hackers from North Korea Aimed at Medical and Energy Industries - The North Korean Lazarus hacking group has been identified as the perpetrator of a recent cyber espionage operation known as No Pineapple!. This designation highlights the group's malicious activities and its ability to carry out sophisticated ...
2 years ago Cybersecuritynews.com
How an Indian startup hacked the world - Reuters previously named Appin in a story about Indian cyber mercenaries published last year. This report paints the clearest picture yet of how Appin operated, detailing the world-spanning extent of its business, and international law enforcement's ...
1 year ago Reuters.com
Microsoft: BlueNoroff hackers plan new crypto-theft attacks - Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. This financially motivated threat group also has a documented history of cryptocurrency ...
1 year ago Bleepingcomputer.com
The Startup That Transformed the Hack-for-Hire Industry - If you're looking for a long read to while away your weekend, we've got you covered. First up, WIRED senior reporter Andy Greenberg reveals the wild story behind the three teenage hackers who created the Mirai botnet code that ultimately took down a ...
1 year ago Wired.com Scattered Spider

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)