“Colt are being extorted by Warlock ransomware group, they’ve been for over every week, Colt try to cowl it up,” Beaumont wrote on Mastodon on Friday, Aug 15. “Entry seemingly through sharehelp.colt.web through CVE-2025-53770 as they had been interacting with it.” Beaumont added that the group has stolen a number of hundred gigabytes of buyer information and documentation, posting a listing of information with samples on a Russian Tor web site.
“We’ve seen already this yr that telecom is especially susceptible to assaults, and I believe this WarLock assault highlights some recurring points that telecom and large-scale community service suppliers are beginning to see,” mentioned Gabrielle Hempel, Safety Operations Strategist at Exabeam. “There’s this operational ripple impact if you’re a service supplier and support-layer providers go down. Though Colt claims its “core community infrastructure” remains to be intact, the outage of internet hosting, porting, and API providers nonetheless disrupts buyer belief and downstream operations.”
Data allegedly put up on the market
The WarLock group has reportedly put the alleged paperwork up on the market on the discussion board. Together with the ransom demand of $200,000, they’ve offered pattern paperwork as proof, elevating alarm over what is perhaps uncovered if Colt doesn’t pay up.
The trove reportedly consists of monetary data, wage information, buyer contact particulars, inside communications, and software program improvement blueprints.
