news
HACKS OF TODAY 20/07/2023
Today’s HOT includes 29 ransomware victims by the notorious ALPHV/BlackCat, Nokoyawa, Akira, Abyss, NoEscape and Cactus gangs.
The average Cyber Risk Factor is 3.5.
Read below the full list.
Disclaimer:
Data are collected from public info published on Dark Web.
The Cyber Risk factor is calculated on cyber attacks’ impact based on available data.
It shows the severity of an event: 1 = low, 5 = critical
HIRSCH BEDNER ASSOCIATES
Victim website: | hba.com |
Victim country: | Singapore |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 1 TB |
Exfiltrated data type: | Miscellaneous included sensitive data |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
CONFARTIGIANATO FEDERIMPRESA
Victim website: | confartigianatofc.it |
Victim country: | Italy |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including agreements and financial documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
SCANSOURCE
Victim website: | scansource.com |
Victim country: | USA |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including financial and PII documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ITALKRAFT
Victim website: | italkraft.com |
Victim country: | USA |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including financial, agreements and confidential documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ARTEMIDE
Victim website: | artemide.com |
Victim country: | Italy |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including financial and confidential documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
AMERICOLD LOGISTICS
Victim website: | americold.com |
Victim country: | USA |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | At least 6 GB |
Exfiltrated data type: | Huge amount of personal data!, HR, LEGAL, AUDIT-WH, Chief Legal Officer personal folder, Senior Director, Design Engineering personal folder, Vice President, Supply Chain Engineering personal folder, Customer Documents, Accident Reports. |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ENTEGRA
Victim website: | entegrasolutions.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 200 GB |
Exfiltrated data type: | Internal Company Data (Employees personal data, CV’s, DL’s, ID’s, SSN’s, Financial reports, Accounting data, Loans data, Insurance, Agreements and much more); Of course it includes absolutely and highly confidential data., Clients documentation (DL’s, ID’s, SSN’s, Financial data, Credit cards information, Loans data, Agreements and much more); |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
CAMPBELL KILLIN BRITTAN & RAY
Victim website: | ckbrlaw.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 340 GB |
Exfiltrated data type: | Internal Company Data (Employees personal data, CV’s, DL’s, ID’s, SSN’s, Financial reports, Accounting data, Loans data, Insurance, Agreements and much more); Of course it includes absolutely and highly confidential data., Clients documentation (DL’s, ID’s, SSN’s, Financial data, Credit cards information, Loans data, Agreements and much more); |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
CANAROPA
Victim website: | canaropa.com |
Victim country: | Canada |
Attacker name: | Nokoyawa |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 103 GB |
Exfiltrated data type: | Miscellaneous including projects, products development and accounting documents |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
BRIGHT FUTURE ELECTRIC
Victim website: | brightfutureelectric.com |
Victim country: | USA |
Attacker name: | Akira |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 50 GB |
Exfiltrated data type: | Financial docs with customers information, employee information and other operational documents |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
PLB INTERNATIONAL
Victim website: | plbint.com |
Victim country: | Canada |
Attacker name: | Abyss |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 990 GB |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | 01st Aug 23 |
Cyber Risk Factor: | 4 |
CORDELL & CORDELL
Victim website: | cordellcordell.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 455 GB |
Exfiltrated data type: | Internal Company Data (Employees personal data, CV’s, DL’s, ID’s, SSN’s, Financial reports, Accounting data, Loans data, Insurance, Agreements, etc.),Clients documentation (DL’s, ID’s, SSN’s, Financial data, Credit cards information, Loans data, Agreements, etc.). |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
AZIMUT
Victim website: | azimut.it |
Victim country: | Italy |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 500 GB |
Exfiltrated data type: | Personal photos, report on the benefits of acquiring shares, investor’s details. Daughter’s papers. Sergio Albrelli’s bank records. Financial information and complete company reports, stock purchase data, antique purchase data and more. |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
YAMAHA CANADA MUSIC
Victim website: | ca.yamaha.com |
Victim country: | Canada |
Attacker name: | Akira |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Personal documents of employees andand contractors as well. Valid credit cards full info, medical information and tons of operational docs. Everything will be uploaded next week |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ACA ENGENHARIA & CONSTRUÇÃO
Victim website: | albertocoutoalves.pt |
Victim country: | Portugal |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including financial, agreements and clients’ information |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
AGORAVITA
Victim website: | agoravita.com |
Victim country: | France |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including contracts |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
AMERICAN METEOROLOGICAL SOCIETY
Victim website: | ametsoc.org |
Victim country: | USA |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including agreements |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
BIOCAIR
Victim website: | biocair.com |
Victim country: | United Kingdom |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including financial and employees’ information |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
HAWA SLIDING SOLUTIONS
Victim website: | hawa.com |
Victim country: | Switzerland |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous documents including invoices |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
IMAGINATION
Victim website: | imagination.com |
Victim country: | United Kingdom |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including PII documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
MICHIGAN PRODUCTION MACHINING
Victim website: | michpro.com |
Victim country: | USA |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including Tax information and financial documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
NOVOBIT
Victim website: | novobit.ch |
Victim country: | Switzerland |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including PII documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
REYES AUTOMOTIVE GROUP
Victim website: | reyesautomotivegroup.com |
Victim country: | USA |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including employees’ information and PII documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
ROTOMAIL ITALIA
Victim website: | rotomail.it |
Victim country: | Italy |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including contracts and invoices |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
PHOENIX TAXIS
Victim website: | phoenixtaxis.net |
Victim country: | United Kingdom |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including employees’ information and PII documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
WASSERSTROM
Victim website: | wasserstrom.com |
Victim country: | USA |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including emoloyees’ information and PII documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
TAMPA GENERAL HOSPITAL
Victim website: | tgh.org |
Victim country: | USA |
Attacker name: | Nokoyawa |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
CORINIUM CARPETS
Victim website: | coriniumcarpets.co.uk |
Victim country: | United Kingdom |
Attacker name: | NoEscape |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 11 GB |
Exfiltrated data type: | Passports, driver’s licenses, ID Cards, invoices, NDAs, contracts, certificates, insurance, employment documents, scans, PC information from more than 15 employees and much more |
Leaked data: | / |
Ransom deadline: | 30th Jul 23 |
Cyber Risk Factor: | 3 |
CWS DIGITAL SOLUTIONS
Victim website: | cws.it |
Victim country: | Italy |
Attacker name: | Cactus |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 2 |
Stay safe!
Hackmanac Team
Latest news
HACKS OF TODAY 11-12-13-14-15/05/2024
Today's HOT includes 94 victims by the notorious Hunters International, Rhysida, BianLIan, dAn0n, Qilin, Embargo, Everest, INC Ransom, Black Suit, Monti, Akira, RansomHub, Zero Tolerance...
Read MoreHACKS OF TODAY 09-10/05/2024
Today's HOT includes 94 victims by the notorious Hunters International, Rhysida, BianLIan, dAn0n, Qilin, Embargo, Everest, INC Ransom, Black Suit, Monti, Akira, RansomHub, Zero Tolerance...
Read MoreOPERATION CRONOS AND THE MAGNITUDE OF THE LOCKBIT REACTION: 119 PREVIOUSLY UNCLAIMED VICTIMS WORLDWIDE
In recent days, following the events involving the LockBit criminal group and law enforcement with Operation Cronos, the hacker group decided to go all in...
Read More