HACKS OF TODAY 26/07/2023
Today’s HOT includes 37 victims:
13 ransomware attacks by the notorious Everest, Medusa, Akira, NoEscape, BlackBasta, 8Base and Rhysida gangs, and 24 zero-day exploits by Cl0p.
The average Cyber Risk Factor is 4.1.
Read below the full list.
Disclaimer:
Data are collected from public information published on the Dark Web.
The Cyber Risk Factor is calculated from the impact of each cyber attack, based on available data.
It shows the severity of an event: 1 = low, 5 = critical.
AJOOMAL ASOCIADOS
Victim website: | ajoomal.com |
Victim country: | Spain |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
FERRING PHARMACEUTICALS
Victim website: | ferring.com |
Victim country: | Switzerland |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | 44 GB |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
CHEVRON FEDERAL CREDIT UNION
Victim website: | chevronfcu.org |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
HINDUJA GROUP
Victim website: | hindujagroup.com |
Victim country: | India |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
GOAL SOLUTIONS
Victim website: | goalsolutions.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
KOVAIR SOFTWARE
Victim website: | kovair.com |
Victim country: | India |
Attacker name: | Everest |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 200 GB |
Exfiltrated data type: | Project source codes, personal data of employees, various internal work documents. |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 03rd Aug 23 |
Cyber Risk Factor: | 5 |
ORAU
Victim website: | orau.org |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | 88 GB |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
AMF
Victim website: | amf.se |
Victim country: | Sweden |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ENCOREANYWHERE
Victim website: | encoreanywhere.com |
Victim country: | Netherlands |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
PRO2COL
Victim website: | pro2col.com |
Victim country: | United Kingdom |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
BAXTER INTERNATIONAL
Victim website: | hillrom.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | 81 GB |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
DRYDOCKS WORLD
Victim website: | drydocks.gov.ae |
Victim country: | UAE |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | 204 GB |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ARROW COMPONENTS
Victim website: | arrow.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
MAXIMUS
Victim website: | maximus.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | 169 GB |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
HALLMARK CHANNEL
Victim website: | hallmarkchannel.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
PBI RESEARCH SERVICES
Victim website: | pbinfo.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | 99 GB |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
MEDICAL EYE SERVICES
Victim website: | mesvision.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
QBITS
Victim website: | qbits.ch |
Victim country: | Switzerland |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
COLLEGE OF AMERICAN PATHOLOGISTS
Victim website: | cap.org |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | 530 GB |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
SBM OFFSHORE
Victim website: | sbmoffshore.com |
Victim country: | Netherlands |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | 612 GB |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
FANUC
Victim website: | fanucamerica.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | 86 GB |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
GENSLER
Victim website: | gensler.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
MEDICAL COLLEGE OF WISCONSIN
Victim website: | mcw.edu |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
SMURFIT KAPPA
Victim website: | smurfitkappa.com |
Victim country: | Ireland |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
GARRETT MOTION
Victim website: | garrettmotion.com |
Victim country: | Switzerland |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit (CVE-2023-34362) |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
BECHT ENGINEERING
Victim website: | becht.com |
Victim country: | USA |
Attacker name: | Akira |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Information of employees, projects, financials, and business processes information |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
RAMPI
Victim website: | rampi.com |
Victim country: | Italy |
Attacker name: | NoEscape |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 100 GB |
Exfiltrated data type: | Banking, commission data from 2016 to March 2023, reports, scans, finance, contracts and much more |
Leaked data: | / |
Ransom deadline: | 04th Aug 23 |
Cyber Risk Factor: | 4 |
BSB-STEUERBERATUNGSGESELLSCHAFT
Victim website: | bsb-steuerberatung.de |
Victim country: | Germany |
Attacker name: | BlackBasta |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including personal data and passports |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
MIRANDA BROKERAGE
Victim website: | mirandacustomsbrokerage.com |
Victim country: | USA |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information |
Leaked data: | / |
Ransom deadline: | 01st Aug 23 |
Cyber Risk Factor: | 4 |
INSTITUT MENSALUS S.L.
Victim website: | mensalus.es |
Victim country: | Spain |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information |
Leaked data: | / |
Ransom deadline: | 01st Aug 23 |
Cyber Risk Factor: | 4 |
KERSEY CO
Victim website: | kerseygov.com |
Victim country: | USA |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information |
Leaked data: | / |
Ransom deadline: | 01st Aug 23 |
Cyber Risk Factor: | 4 |
BOOMDATA
Victim website: | boomdata.com.au |
Victim country: | Australia |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information |
Leaked data: | / |
Ransom deadline: | 01st Aug 23 |
Cyber Risk Factor: | 4 |
UNIVERSITY OF SALERNO
Victim website: | unisa.it |
Victim country: | Italy |
Attacker name: | Rhysida |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | 12 BTC |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including passports |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 02nd Aug 23 |
Cyber Risk Factor: | 4 |
SPECTRA INDUSTRIAL
Victim website: | spectra.com.pg |
Victim country: | Papua New Guinea |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information. |
Leaked data: | / |
Ransom deadline: | 01st Aug 23 |
Cyber Risk Factor: | 3 |
FANSIPAN CONSTRUCTION CONSULTANTS
Victim website: | fansipan.com.vn |
Victim country: | Vietnam |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information |
Leaked data: | / |
Ransom deadline: | 01st Aug 23 |
Cyber Risk Factor: | 3 |
DV8 TECHNOLOGY GROUP
Victim website: | dv8techgroup.com |
Victim country: | South Africa |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information |
Leaked data: | / |
Ransom deadline: | 01st Aug 23 |
Cyber Risk Factor: | 3 |
CROWD
Victim website: | crowd.pt |
Victim country: | Portugal |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information |
Leaked data: | / |
Ransom deadline: | 01st Aug 23 |
Cyber Risk Factor: | 3 |
Stay safe!
Hackmanac Team