Hackers Exploit SonicWall Zero-Day Bug in FiveHands Ransomware Attacks – KK Hack Labs
![hackers-exploit-sonicwall-zero-day-bug-in-fivehands-ransomware-attacks](https://pr24.news/wp-content/uploads/2021/04/Hackers-Exploit-SonicWall-Zero-Day-Bug-in-FiveHands-Ransomware-Attacks-–.jpg)
An “aggressive” financially motivated threat group tapped into a zero-day flaw in SonicWall VPN appliances prior to it being patched by the company to deploy a new strain of ransomware called FIVEHANDS.
The group, tracked by cybersecurity firm Mandiant as UNC2447, took advantage of an “improper SQL command neutralization” flaw in the SSL-VPN SMA100 product (CVE-2021-20016, CVSS score 9.8) that