Possible Fujifilm ransomware attack reportedly linked to REvil

Possible Fujifilm ransomware attack reportedly linked to REvil

The potential of a ransomware attack was identified on 1 June.

Credit: Photo 20901106 © Tomasz Bidermann |

Fujifilm Corporation has shut down parts of its global network and servers due to a potential ransomware attack. 

The Tokyo-headquartered digital imaging and medical technology equipment specialist said on 2 June (local time) that it was investigating unauthorised access to its servers and has shut down and disconnected its network from external sources as a precautionary measure.

“In the late evening of June 1, 2021, we became aware of the possibility of a ransomware attack," Fujifilm said in a statement. “As a result, we have taken measures to suspend all affected systems in coordination with our various global entities.” 

According to Bleeping Computer, Fujifilm was infected with the Qbot trojan in May, which has been linked to the Russian cyber criminal group REvil. Advanced Intel CEO Vitali Kremez told the publication that Fujifilm's systems were hit by the 13-year-old Trojan, typically initiated by phishing, last month.

REvil, also known as Sodinokibi, reportedly hit Acer with a US$50 million ransom after attacking it in March, and was this week was linked to an attack on American meat supplier JBS, which also has operations in Australia.

Fujifilm Business Innovation — the company previously known as Fuji Xerox that operates across the printers and documents, cloud, artificial intelligence and the internet of things (IoT) sectors —  was unaffected by the potential attack due to using different servers and networks. 

At least one Fujifilm regional arm that was temporarily shut down was its Americas operations, with a notice on its US website claiming that it found no impact on its network or servers in the region after an initial investigation. 

As a result, its systems have been brought back online on 3 June, with business in the region to become fully operational by 4 June. 

A similar statement on its UK website claims that, for some of its entities, the potential attack has impacted all forms of communications, including emails and incoming calls, which come through its network systems. 

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags fujifilmFujifilm Corporation

Show Comments