news
HACKS OF TODAY 27/06/2023
Today’s HOT includes 25 victims:
11 ransomware by the notorious BianLian, Akira, KaraKurt, Rhysida, Mallox and ALPHV/BlackCat gangs and 16 zero-day exploit by Cl0p.
The average Cyber Risk Factor is 4.2.
Read below the full list.
Disclaimer:
Data are collected from public info published on Dark Web.
The Cyber Risk factor is calculated on cyber attacks’ impact based on available data.
It shows the severity of an event: 1 = low, 5 = critical
HIBERUS TECNOLOGÍA
Victim website: | hiberus.com |
Victim country: | Spain |
Attacker name: | BianLian |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 1,9 TB |
Exfiltrated data type: | SQL databases, finance, HR, client’s and customers ‘data, business data, internal email correspondence, personal projects, developments, source code |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
CHARITON VALLEY
Victim website: | cvalley.net |
Victim country: | USA |
Attacker name: | Akira |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 3 TB |
Exfiltrated data type: | Miscellaneous documents including databases |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
ABBVIE
Victim website: | abbvie.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
SIEMENS ENERGY
Victim website: | siemens-energy.com |
Victim country: | Germany |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
LONDON CAPITAL GROUP
Victim website: | lcg.com |
Victim country: | United Kingdom |
Attacker name: | Akira |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous documents including detailed personal information about their client. (Currently experiencing a major IT outage which is impacting the trading platforms. Clients are unable to login or trade. Currently we do not have an expected recovery time) |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
ITW FOOD EQUIPMENT GROUP
Victim website: | itwfoodequipment.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 701 GB |
Exfiltrated data type: | Internal Company Data (Employees personal data, CV’s, DL’s, ID’s, SSN’s, Financial reports, Accounting data, Loans data, Insurance, Agreements and much more); of course it include absolutely and highly confidential data. – Clients documentation (DL’s, ID’s, SSN’s, Financial data, Credit cards information, Loans data, Agreements and much more); – Database include other commercial confidential data. |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 01st Jul 23 |
Cyber Risk Factor: | 5 |
IMATICA
Victim website: | imatica.com |
Victim country: | Spain |
Attacker name: | Rhysida |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 712 GB |
Exfiltrated data type: | Miscellaneous documents including customers’ data |
Leaked data: | 90% of the exfiltrated data (10% sold) |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
CARESOURCE
Victim website: | caresource.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
COMPASS INFRASTRUCTURE GROUP
Victim website: | compassinf.com |
Victim country: | USA |
Attacker name: | Mallox |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 23 GB |
Exfiltrated data type: | Miscellaneous documents |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
PROSKAUER ROSE
Victim website: | proskauer.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
KIRKLANDS HOME
Victim website: | kirklands.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
KOTAK LIFE
Victim website: | kotaklife.com |
Victim country: | India |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
STARMOUNT LIFE
Victim website: | starmountlife.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
JACKSON
Victim website: | jackson.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
SAPIENS
Victim website: | sapiens.com |
Victim country: | Israel |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ENSTAR GROUP
Victim website: | enstargroup.com |
Victim country: | Bermuda |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
COGNIZANT
Victim website: | cognizant.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
DELTA DENTAL
Victim website: | deltadental.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
CPIAI
Victim website: | cpiai.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
REEDS SPRING SCHOOL DISTRICT
Victim website: | rs-wolves.com |
Victim country: | USA |
Attacker name: | KaraKurt |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 155 GB |
Exfiltrated data type: | HR, detailed finance and accounting, employee information and contracts, confidential students information including medical documents, databases with complete students information |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 01st Jul 23 |
Cyber Risk Factor: | 4 |
UNIVERSITY OF CALIFORNIA, LOS ANGELES
Victim website: | ucla.edu |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
SCHNEIDER ELECTRIC
Victim website: | se.com |
Victim country: | France |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
KÖRBER
Victim website: | koerber-pharma.com |
Victim country: | Germany |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
KNIGHTS OF OLD GROUP
Victim website: | knpgroup.com |
Victim country: | United Kingdom |
Attacker name: | Akira |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous documents including corporate information and a database with customers data. |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
GREENFIBER
Victim website: | greenfiber.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | SSN, driver’s license, passport, invoice, etc. |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
Stay safe!
Hackmanac Team
Latest news
HACKS OF TODAY 07/05/2024
Today's HOT includes 66 victims by the notorious Black Suit, Akira, BianLian, DarkVault, Play, RansomHub, INC Ransom, Qilin, Abyss and LockBit 3.0 gangs. The average...
Read MoreHACKS OF TODAY 03-04-05-06/05/2024
Today's HOT includes 22 victims by the notorious BianLian, Ra World, RansomHub, INC Ransom, Ransomware Blog, Rhysida, Akira and Underground Team gangs. The average Cyber...
Read MoreHACKS OF TODAY 02/05/2024
Today's HOT includes 22 victims by the notorious BianLian, Ra World, RansomHub, INC Ransom, Ransomware Blog, Rhysida, Akira and Underground Team gangs. The average Cyber...
Read More