Port 22

iNSYNQ Ransom Attack Began With Phishing Email

A ransomware outbreak that hitQuickBooks cloud hosting firm iNSYNQ in mid-Julyappears to have started with an email phishing attack that snared an employee working in sales for the company, KrebsOnSecurity has learned. It also looks like the intruders spent roughly ten days rooting around iNSYNQ’s internal network to properly stage things before unleashing the ransomware. iNSYNQ ultimately declined to pay the ransom demand, and it is still working to completely restore customer access to files.