Wilson's Media

A Tech & Gaming Blog

Colt forced to take services offline following apparent cyberattack

  • Colt Technology Services pulls services offline, confirms this was due to a cyberattack
  • A ransomware group called WarLock claimed responsibility
  • Independent researchers believe the attackers struck the company’s SharePoint servers

Colt Technology Services has suffered a cyberattack which forced it to pull parts of its IT network offline for several days, thought to be a ransomware attack.

The company did not discuss the incident itself – the identity of the attackers, their motives, or what they did.

However, The Register found a ransomware operator called WarLock claimed responsibility for the attack, as on a dark web forum, a member of the group offered a million company documents, for $200,000. At this time, the claims, or the authenticity of the files, have not been confirmed.

Back online

Several of the company’s services, including the Colt Online customer portal, were unavailable. Soon after, Colt updated its status page to notify its customers about the incident:

“Thank you for your patience and understanding while some of your support services including Colt Online and our Voice API platform remain unavailable. We can confirm that this is related to our response to a recent cyber incident at Colt Technology Services,” the notification read.  

“We detected the cyber incident on an internal system. This system is separate from our customers’ infrastructure. We took immediate protective measures to ensure the security of our customers, colleagues, and business, and we proactively notified the relevant authorities.”

At press time, the Colt Online customer portal seems to be back online, but the status page is yet to reflect this change.

Experts believe the attackers most likely went for Colt’s SharePoint servers. Some of these servers were pulled offline after, most likely, being infected with a webshell. Colt seems to have added firewalls to those servers, following the attack.

WarLock is an emerging threat in the ransomware space, gaining attention earlier in 2025 when it was included in an attack targeting a remote code bug in Microsoft SharePoint.

Via The Register

You might also like


Source

Colt Technology Services pulls services offline, confirms this was due to a cyberattack A ransomware group called WarLock claimed responsibility Independent researchers believe the attackers struck the company’s SharePoint servers Colt Technology Services has suffered a cyberattack which forced it to pull parts of its IT network offline for several…

Tags: ,
Previous Post
Next Post

Leave a Reply

Your email address will not be published. Required fields are marked *

Recent Posts

Archives