A1 Telekom, Austria’s largest internet service provider, disclosed earlier this week that they suffered from a security breach. The company did not disclose the nature of the malware or whether the threat actors were seeking money or information. The company stated that it suffered from a malware infection in November of 2019, and did not notice for a month. However, from December 2019 to May 2020, A1 stated that they were still attempting to remove the infection, removing all hidden backdoor components to rid the systems of intruders.
A1 also stated that the malware only infected computers on its office network rather than the entire IT system, which consists of 15,000 workstations and 12,000 servers. According to A1, the attacker took manual control of the malware in an attempt to expand his foothold on a few systems. Databases and database queries were compromised. A1 publicly disclosed the attack after a whistleblower reported the concerning information.
Read More: Hackers breached A1 Telekom, Austria’s largest ISP