Categories
2023 HOT News-EN

HACKS OF TODAY 27/06/2023

news

HACKS OF TODAY 27/06/2023

Today’s HOT includes 25 victims:
11 ransomware by the notorious BianLian, Akira, KaraKurt, Rhysida, Mallox and ALPHV/BlackCat gangs and 16 zero-day exploit by Cl0p.

The average Cyber Risk Factor is 4.2.

Read below the full list.

Disclaimer:

Data are collected from public info published on Dark Web.
The Cyber Risk factor is calculated on cyber attacks’ impact based on available data.

It shows the severity of an event: 1 = low, 5 = critical

HIBERUS TECNOLOGÍA

Victim website:

hiberus.com

Victim country:

Spain

Attacker name:

BianLian

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

1,9 TB

Exfiltrated data type:

SQL databases, finance, HR, client’s and customers ‘data, business data, internal email correspondence, personal projects, developments, source code

Leaked data:

100% of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

5

CHARITON VALLEY

Victim website:

cvalley.net

Victim country:

USA

Attacker name:

Akira

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

3 TB

Exfiltrated data type:

Miscellaneous documents including databases

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

5

ABBVIE

Victim website:

abbvie.com

Victim country:

USA

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

5

SIEMENS ENERGY

Victim website:

siemens-energy.com

Victim country:

Germany

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

5

LONDON CAPITAL GROUP

Victim website:

lcg.com

Victim country:

United Kingdom

Attacker name:

Akira

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Miscellaneous documents including detailed personal information about their client. (Currently experiencing a major IT outage which is impacting the trading platforms. Clients are unable to login or trade. Currently we do not have an expected recovery time)

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

5

ITW FOOD EQUIPMENT GROUP

Victim website:

itwfoodequipment.com

Victim country:

USA

Attacker name:

ALPHV/BlackCat

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

701 GB

Exfiltrated data type:

Internal Company Data (Employees personal data, CV’s, DL’s, ID’s, SSN’s, Financial reports, Accounting data, Loans data, Insurance, Agreements and much more); of course it include absolutely and highly confidential data. – Clients documentation (DL’s, ID’s, SSN’s, Financial data, Credit cards information, Loans data, Agreements and much more); – Database include other commercial confidential data.

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

01st Jul 23

Cyber Risk Factor:

5

IMATICA

Victim website:

imatica.com

Victim country:

Spain

Attacker name:

Rhysida

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

712 GB

Exfiltrated data type:

Miscellaneous documents including customers’ data

Leaked data:

90% of the exfiltrated data (10% sold)

Ransom deadline:

N/A

Cyber Risk Factor:

5

CARESOURCE

Victim website:

caresource.com

Victim country:

USA

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

5

COMPASS INFRASTRUCTURE GROUP

Victim website:

compassinf.com

Victim country:

USA

Attacker name:

Mallox

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

23 GB

Exfiltrated data type:

Miscellaneous documents

Leaked data:

100% of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

4

PROSKAUER ROSE

Victim website:

proskauer.com

Victim country:

USA

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

KIRKLANDS HOME

Victim website:

kirklands.com

Victim country:

USA

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

KOTAK LIFE

Victim website:

kotaklife.com

Victim country:

India

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

STARMOUNT LIFE

Victim website:

starmountlife.com

Victim country:

USA

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

JACKSON

Victim website:

jackson.com

Victim country:

USA

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

SAPIENS

Victim website:

sapiens.com

Victim country:

Israel

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

ENSTAR GROUP

Victim website:

enstargroup.com

Victim country:

Bermuda

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

COGNIZANT

Victim website:

cognizant.com

Victim country:

USA

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

DELTA DENTAL

Victim website:

deltadental.com

Victim country:

USA

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

CPIAI

Victim website:

cpiai.com

Victim country:

USA

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

REEDS SPRING SCHOOL DISTRICT

Victim website:

rs-wolves.com

Victim country:

USA

Attacker name:

KaraKurt

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

155 GB

Exfiltrated data type:

HR, detailed finance and accounting, employee information and contracts, confidential students information including medical documents, databases with complete students information

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

01st Jul 23

Cyber Risk Factor:

4

UNIVERSITY OF CALIFORNIA, LOS ANGELES

Victim website:

ucla.edu

Victim country:

USA

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

SCHNEIDER ELECTRIC

Victim website:

se.com

Victim country:

France

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

KÖRBER

Victim website:

koerber-pharma.com

Victim country:

Germany

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

KNIGHTS OF OLD GROUP

Victim website:

knpgroup.com

Victim country:

United Kingdom

Attacker name:

Akira

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Miscellaneous documents including corporate information and a database with customers data.

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

3

GREENFIBER

Victim website:

greenfiber.com

Victim country:

USA

Attacker name:

ALPHV/BlackCat

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

SSN, driver’s license, passport, invoice, etc.

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

3

Stay safe!

Hackmanac Team

Latest news

HACKS OF TODAY 24/04/2024

Today's HOT includes 10 ransomware victims by the notorious RansomHouse, Black Suit, Rhysida, BianLian, RansomHub, BlackBasta and Qiulong gangs. The average Cyber Risk Factor is  4.4. Read below...

Read More

HACKS OF TODAY 23/04/2024

Today's HOT includes 12 ransomware victims by the notorious Medusa, Abyss, RansomHouse, Cactus, RansomHub, BianLian, Qilin and Qiulong gangs. The average Cyber Risk Factor is  4.5. Read below...

Read More

HACKS OF TODAY 20-21-22/04/2024

Today's HOT includes 10 ransomware victims by the notorious 8Base, Medusa, Embargo and Inc Ransom gangs. The average Cyber Risk Factor is  3.9. Read below the full list.

Read More
Categories
2023 HOT News-EN

HACKS OF TODAY 24-25-26/06/2023

news

HACKS OF TODAY 24-25-26/06/2023

Today’s HOT includes 21 victims:
20 ransomware by the notorious Akira, NoEscape, BianLian, Mallox, Rhysida, RansomEXX and MedusaLocker gangs and 1 zero-day exploit by Cl0p.

The average Cyber Risk Factor is 4.0.

Read below the full list.

Disclaimer:

Data are collected from public info published on Dark Web.
The Cyber Risk factor is calculated on cyber attacks’ impact based on available data.

It shows the severity of an event: 1 = low, 5 = critical

PERPETUAL GROUP

Victim website:

perpetualgroup.com

Victim country:

Australia

Attacker name:

Akira

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

700 GB

Exfiltrated data type:

Databases with highly detailed business information

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

5

CREDIT TEAM

Victim website:

creditteam.eu

Victim country:

Italy

Attacker name:

NoEscape

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

12,1 GB

Exfiltrated data type:

financial, tax, confidential documents of the company, as well as important financial and credit documents of their clients. Where there are income documents and credit documents, as well as passport documents of company owners, there are also details and credit data of company owners’ cards. There are financial documents of companies with which the Credit Team worked. In addition to the companies represented here, there are about 100 companies.

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

05th Jul 23

Cyber Risk Factor:

5

MATEJ BEL UNIVERSITY

Victim website:

umb.sk

Victim country:

Slovakia

Attacker name:

Medusa

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

$500,000

Exfiltrated data amount:

Large amount of data

Exfiltrated data type:

Miscellaneous documents

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

03rd Jul 23

Cyber Risk Factor:

5

GALVESTON COLLEGE

Victim website:

gc.edu

Victim country:

USA

Attacker name:

Akira

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

99 GB

Exfiltrated data type:

Student detailed personal info

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

AMERICAN CRANE RENTAL

Victim website:

americancranerental.net

Victim country:

USA

Attacker name:

BianLian

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

249 GB

Exfiltrated data type:

Accounting data, projects data, subcontractors and vendors, personal data, files from users PC’s, file-server data.

Leaked data:

/

Ransom deadline:

05th Jul 23

Cyber Risk Factor:

4

MS AMLIN

Victim website:

msamlin.com

Victim country:

United Kingdom

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

ERNST HAUSAMMANN

Victim website:

hausammann.com

Victim country:

Switzerland

Attacker name:

MedusaLocker

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

$ 20,000

Exfiltrated data amount:

N/A

Exfiltrated data type:

Client Case – customers email-documents

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

4

IHK REUTLINGEN

Victim website:

reutlingen.ihk.de

Victim country:

Germany

Attacker name:

MedusaLocker

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

$80,000

Exfiltrated data amount:

N/A

Exfiltrated data type:

agreement – email(.msg)- contracts – and other documents

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

KOFF LOGISTIC KFT

Victim website:

kafflogistic.hu

Victim country:

Hungary

Attacker name:

MedusaLocker

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

$50,000

Exfiltrated data amount:

N/A

Exfiltrated data type:

agreement – email(outlook files)- contracts – and other documents

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

4

TLANTIC

Victim website:

tlantic.com

Victim country:

United Kingdom

Attacker name:

Mallox

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

7,26 GB

Exfiltrated data type:

Miscellaneous documents

Leaked data:

100% of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

4

HOCHSCHULE KAISERSLAUTERN

Victim website:

cms.hs-kl.de

Victim country:

Germany

Attacker name:

Rhysida

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

Auction

Exfiltrated data amount:

N/A

Exfiltrated data type:

PII documents

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

27th Jun 23

Cyber Risk Factor:

4

THE CITY OF NASSAU BAY

Victim website:

nassaubay.com

Victim country:

USA

Attacker name:

Akira

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

45 GB

Exfiltrated data type:

Miscellaneous documents including personal data

Leaked data:

100% of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

4

JACOBS FARM

Victim website:

jacobsfarmtc.com

Victim country:

USA

Attacker name:

RansomEXX

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

399 GB

Exfiltrated data type:

Miscellaneous documents

Leaked data:

100% of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

4

REAL ESTATE SYSTEMS INTEGRATOR

Victim website:

resionline.com

Victim country:

USA

Attacker name:

Medusa

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

$50,000

Exfiltrated data amount:

Large amount of data

Exfiltrated data type:

Miscellaneous documents

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

03rd Jul 23

Cyber Risk Factor:

4

CLEARMEDI HEALTHCARE

Victim website:

clearmedi.in

Victim country:

Tunisia

Attacker name:

8Base

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Personal documents, identity cards, health insurance, patient data (numbers\addresses\registration numbers and others), patient databases, personal data of employees, internal documents, accounts, financial documents, a huge amount of personal data and databases

Leaked data:

/

Ransom deadline:

03rd Jul 23

Cyber Risk Factor:

4

LYSANDER SHIPPING

Victim website:

lysandershipping.com

Victim country:

United Kingdom

Attacker name:

8Base

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Invoices, invoice and receipts, internal documents, bank documents, commercial invoices, insurance certificate, contracts, SQL data, financial documents, accounting documents, correspondence files

Leaked data:

/

Ransom deadline:

03rd Jul 23

Cyber Risk Factor:

4

LEGALILAVORO

Victim website:

legalilavoro.it

Victim country:

Italy

Attacker name:

8Base

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Identity cards, a huge number of personal files (correspondence, photos, personal data and much more), invoice, financial documents, correspondence, internal documents, client documents, medical certificates, driver’s license, and much more

Leaked data:

/

Ransom deadline:

03rd Jul 23

Cyber Risk Factor:

4

PNEUMAX

Victim website:

pneumaxspa.com

Victim country:

France

Attacker name:

8Base

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Invoice, internal documents, bank documents, financial documents, social security numbers, insurance documents, employment contracts, student agreements, accounting documents, identity cards, other.

Leaked data:

/

Ransom deadline:

03rd Jul 23

Cyber Risk Factor:

4

AKRON-SUMMIT COUNTY PUBLIC LIBRARY

Victim website:

akronlibrary.org

Victim country:

USA

Attacker name:

Akira

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Staff documents

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

3

ALBERTA NEWSPRINT

Victim website:

albertanewsprint.com

Victim country:

Canada

Attacker name:

Rhysida

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

Auction

Exfiltrated data amount:

N/A

Exfiltrated data type:

Miscellaneous documents

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

29th Jun 23

Cyber Risk Factor:

3

J.O.B. BETON

Victim website:

job-beton.com

Victim country:

Tunisia

Attacker name:

8Base

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Internal documents, bank documents, building schemes and projects, identity cards, financial documents, invoice, driver’s license, partner data

Leaked data:

/

Ransom deadline:

03rd Jul 23

Cyber Risk Factor:

3

Stay safe!

Hackmanac Team

Latest news

HACKS OF TODAY 24/04/2024

Today's HOT includes 10 ransomware victims by the notorious RansomHouse, Black Suit, Rhysida, BianLian, RansomHub, BlackBasta and Qiulong gangs. The average Cyber Risk Factor is  4.4. Read below...

Read More

HACKS OF TODAY 23/04/2024

Today's HOT includes 12 ransomware victims by the notorious Medusa, Abyss, RansomHouse, Cactus, RansomHub, BianLian, Qilin and Qiulong gangs. The average Cyber Risk Factor is  4.5. Read below...

Read More

HACKS OF TODAY 20-21-22/04/2024

Today's HOT includes 10 ransomware victims by the notorious 8Base, Medusa, Embargo and Inc Ransom gangs. The average Cyber Risk Factor is  3.9. Read below the full list.

Read More
Categories
2023 HOT News-EN

HACKS OF TODAY 23/06/2023

news

HACKS OF TODAY 23/06/2023

Today’s HOT includes 8 ransomware victims by the notorious Qilin, Akira, ALPHV/BlackCat, BlackBasta and Play gangs and 5 zero-day exploit by Cl0p.

The average Cyber Risk Factor is 4.2.

Read below the full list.

Disclaimer:

Data are collected from public info published on Dark Web.
The Cyber Risk factor is calculated on cyber attacks’ impact based on available data.

It shows the severity of an event: 1 = low, 5 = critical

LONDON AND CAPITAL GROUP

Victim website:

londonandcapital.com

Victim country:

United Kingdom

Attacker name:

ALPHV/BlackCat

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

600 GB

Exfiltrated data type:

Internal Company Data (Employees personal data, CV’s, DL’s, ID’s, SSN’s, Financial reports, Accounting data, Loans data, Insurance, Agreements and much more),Clients documentation (DL’s, ID’s, SSN’s, Financial data, Credit cards information, Loans data, Agreements, etc.), Database include other commercial confidential data.

Leaked data:

Sample with proof of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

5

NATIONAL INSTITUTIONAL FACILITATION TECHNOLOGIES

Victim website:

nift.pk

Victim country:

Pakistan

Attacker name:

ALPHV/BlackCat

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

Several terabytes of data

Exfiltrated data type:

Miscellaneous including database, source code of EPAY project, confidential data, PII documents

Leaked data:

Sample with proof of exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

5

DAIWA HOUSE INDUSTRY

Victim website:

medexs.com

Victim country:

Japan

Attacker name:

Qilin

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

611,7 GB

Exfiltrated data type:

Miscellaneous documents

Leaked data:

100% of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

5

ANDESA

Victim website:

andesaservices.com

Victim country:

USA

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

5

SONY

Victim website:

sony.com

Victim country:

Japan

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

5

PWC

Victim website:

pwc.com

Victim country:

United Kingdom

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

5

GUS CANADA

Victim website:

guscanada.com

Victim country:

Canada

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

5

HILL INTERNATIONAL

Victim website:

hillintl.com

Victim country:

USA

Attacker name:

Play

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Private and personal confidential data, clients and employee documents, finance, technical documentation, passports, IDs, taxes, finance information and etc.

Leaked data:

/

Ransom deadline:

26th Jun 23

Cyber Risk Factor:

4

EY GLOBAL

Victim website:

ey.com

Victim country:

United Kingdom

Attacker name:

Cl0p

Attacker class:

Cybercrime

Attack technique:

Zero-Day Vulnerability in MOVEit (CVE-2023-34362)

Ransom demand:

N/A

Exfiltrated data amount:

3Gb + archives

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

4

DANCIE PERUGINI WARE PUBLIC RELATIONS

Victim website:

dpwpr.com

Victim country:

USA

Attacker name:

Play

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Private and personal confidential data, clients and employee documents, passports, finance, tax and etc.

Leaked data:

/

Ransom deadline:

27th Jun 23

Cyber Risk Factor:

3

GC&E

Victim website:

gcesg.com

Victim country:

USA

Attacker name:

Akira

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

3

DEVELOPMENT BANK OF SOUTHERN AFRICA

Victim website:

dbsa.org

Victim country:

South Africa

Attacker name:

Akira

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

N/A

Leaked data:

/

Ransom deadline:

N/A

Cyber Risk Factor:

3

M&M INDUSTRIES

Victim website:

ultimatepail.com

Victim country:

USA

Attacker name:

BlackBasta

Attacker class:

Cybercrime

Attack technique:

Ransomware

Ransom demand:

N/A

Exfiltrated data amount:

N/A

Exfiltrated data type:

Miscellaneous including financial documents

Leaked data:

9% of the exfiltrated data

Ransom deadline:

N/A

Cyber Risk Factor:

3

Stay safe!

Hackmanac Team

Latest news

HACKS OF TODAY 24/04/2024

Today's HOT includes 10 ransomware victims by the notorious RansomHouse, Black Suit, Rhysida, BianLian, RansomHub, BlackBasta and Qiulong gangs. The average Cyber Risk Factor is  4.4. Read below...

Read More

HACKS OF TODAY 23/04/2024

Today's HOT includes 12 ransomware victims by the notorious Medusa, Abyss, RansomHouse, Cactus, RansomHub, BianLian, Qilin and Qiulong gangs. The average Cyber Risk Factor is  4.5. Read below...

Read More

HACKS OF TODAY 20-21-22/04/2024

Today's HOT includes 10 ransomware victims by the notorious 8Base, Medusa, Embargo and Inc Ransom gangs. The average Cyber Risk Factor is  3.9. Read below the full list.

Read More
				
					-----BEGIN PGP PUBLIC KEY BLOCK----- xsFNBFyONI0BEAC3wJRo5qhtr1KsqVdMz7b5JqHmt7H0ZZr14oJ9TV/hD9LMfrKpnQ94dFGnpfGa BKC1wSoJN4Yfs5lg5YmN4hmHmm6PkjgQdenVgL4YDfLDodwn5DgXKuywRBqIFbbnTDvFAb03DX2A FPnc+4g2QHsfiFycz+ISg/Z+8i21gY3j5oZlrdMKVWrNczrNc/lDJqJ36RSYDn1QzAW1ZGY/pUXk imPRvLew5Idr3462sZVVhuUFMD3Uf/W1SaS3bSEQM89pSYKZfo8AFpAs659Mn7gqKru6ndxilRdF wJGQuepqR8kz+vVPLyxJj68ii2ZBIY50RQvSBgJRnNF/Htp30cuk3v8jfSGZit9XYTTGQThVbfGR ZcKWze/iF+es110+mNXA/8s7jKs95PI+z1Foc9o74Ujs8dvjEGHTaESIEzX3JtEZUCZUiPt/P8pU Jw0ewbj1XCacYxYVsR7ODlf6GEsjt868WcjiqsuuZo2rzO4og9hFU5DlBzuePklfhw8dO5CiMN2H vtSkAn4DkgHqC+JiciHc9h5Cvvfjp52oQPj1eYmU3LkOvGFmPXVIts3VfxsQT3gk+DmrQ4J//fAl tNRSbMBnGu5F/qnLLkJmKRKPKNNcpjptFznKxLZbxW5QbAeDok3ho8YQACfADKcrmaIRkoPr8/mn PxZgMSMB87W7sQARAQABzSRTb2ZpYSBTY296emFyaSA8c29maWFAaGFja21hbmFjLmNvbT7CwZQE EwEIAD4WIQTNwEbcXbH0vegGlHCd6fr0nsTifwUCXI40jQIbIwUJEswDAAULCQgHAgYVCgkICwIE FgIDAQIeAQIXgAAKCRCd6fr0nsTifwKuD/4+3MaN+9eFiltI06fFBjr1Csh0OLFw89jFnpuYl9Sm ImVqmBwrnm+APxxLK4M+FMuNm4fW08X249t09Nsf0ba6UJ0HR/7/fRTipjzRLqHSr0+ZjVUGHhon fuuFZgNzPA5RmQZZCyiwyqZJs7pLn1QI/CtlDP6MsQhadywbkO/5LlDoBoYh/2DYNA/mtEfJbvc/ cOvfk47thj5OzcXJEWFxz7h2P5C2ELwxdhNPC+uqcOQkTScnuIBJooheJPhdmqOtOwrbUUIfaryM IESrol3Jg3/MUOe7FLXhwCSQGY1iefzl4py2jTeK936GMBHifLSUCA88lpE7ALkbf3+qJ9ABra9G e9e0dirIlPvFgBkEBBXsoIReQLrhHKFBtvKdrrE9Rb7kAwon+sW+3Uf6Ie3M8nTisGy2AmlI/tQ5 V0MHU2UJUNcc59hk7ADIlXN64eeqELgsMtlR4wEHd6nwcEpoPCTWfrVSwzsPtXUGNAGbgGxISv/F ltcFJ6Qw6Zy4f+YBEyCx/7GA3kjLllkcHv4kwHpP+WQCzbjh2JdkGEp5AY7puil1AtOFcbirbHbR 83KVeqx4Vvlyh2jhIDQYB/9qpTDC1xDKpndn40gnNd5hvjK0I0Xvbhb0PLhCpJQ5tsvPiQHjhOMF Wye3ZigaX1gTZxE29MLtwBbOYdGCYG0MrM7BTQRcjjSNARAAupAKTZXLRktriUVqhkZpU8zUVwrW ik6siStg7BppSJuKVW+Ic8QIagW0I48d2jZIIXrQRvqVBixn8eeBTE8Cujum1mZyhTw2sri3gE9i 81gisF17T/uewzRyYwx8obMfSEBnwJa44td7VjtbfLMRtfneK9R40+kELhhvXZa3DBbcG86zHVPU f1YkLX4RNSyjz4vOCX3WlcIAOr6MJA8DT+F5mUCVEhnkeUbflXtxRSeTUTfOw/3MYLs+mc6hWwLq gqTMcIQhDrYEY5wUgb5Mj86NR/uvsThL6MtWCJWVbfxHxM575woyTdD9E6HGO6loHYdky/7I+XFZ twgxsGn6HJYT+Gwn9BI5/DiwT1Qb/AyADktN1jGmZGTlniS+hly7rm0EHb2CTTM5zT1fh/sCOtQb nYIUf2in2cIfcFvzeFrUbDk2HfJMp5FmY6tBEV5xyNCww/mBkW2nuZy9CvAheJEOGoO8lyonPU2u ARq345LdbS6l+VdivPmZoLNpIMRw9MSTYmzm08h7C+/6hxzpjw1/nWZ+W2k9VpLutEs7KMtsbZR4 WhVFVS1uhqxrnjoeBHznh360Ou8SR+PFO0HIrYz4W7ayfcBhqcsGrM9u1E892gjUVTbPv8UoXQ8S Zm9ra2jqbfZGbyOpMIlyMzHTak7r0IZvCedEUDCimitbw98AEQEAAcLBfAQYAQgAJhYhBM3ARtxd sfS96AaUcJ3p+vSexOJ/BQJcjjSNAhsMBQkSzAMAAAoJEJ3p+vSexOJ/C+wP/iGvKG1NldCT2gR7 oWhmvgBnsD7qjC57RX0Go7WD1lmrWP4xWpvM6Tj0V4ZsXnyB8zUR38p49PPymjwy51FAss5PYh8S bVC1/sKC5Sae3kiAoMGH29MBAwL1IkJ8PNw6uOJHhUIJgKT5RWk2f7q3+Tha19slXwD/FC1IcBJK baxyVkG3cG5AnNvvKZyFAUNZ9FiBycaNHO4o6bCcCzSsaRLL2azudJLrF8UYPfTNBQ6Cr4QLqaRb t+ZqL2nqmcadO1AtxLtq5lQjxbhJ3jSYIcQJRq0ztbIBcPrdR2B/dfVED9cU5leSmNXxrh09gJ7N tmUpVo5fBcbf6fP7h2HIFBpH+G/8UUlcbm9pQ5Jcb8FEom0JrfaIAuv1gEIJAk1mkqLNzWUs8KuL nCBBVT2+2hfEZjtjUYbCLVB4LRCsLs9CY1wS3yKca90S8m0tfKcSj3K3k8qlKodkE2raX2GW2dm9 b200ENbb41B1uZlPts4Yh/AMfLqoNv8wyw0GlUQ2DqgDqviLANYbg4/GHwTLwO2b9UMHuTVU3woS 1LRKt0iPPsd+ir+9YRAVt5LB5XTS5C5cdIW9JSXQ+0cnbr3LPZCBulOew/M72liBINKWKGoUyueF 73ckNO9S7pzTOCpjn3+gAuzN/itwgwrMLoqUqqBuxzd7cKNJHTFdTIfTm53f =KIMs -----END PGP PUBLIC KEY BLOCK-----