HACKS OF TODAY 03/10/2023
Today’s HOT includes 14 ransomware victims of the notorious Mallox, ALPHV/BlackCat, Money Message, NoEscape, 8Base, Knight, LockBit 3.0, Medusa and Cuba gangs.
The average Cyber Risk Factor is 4.2.
Read below the full list.
Disclaimer:
Data are collected from public information published on the Dark Web.
The Cyber Risk Factor is calculated from the impact of each cyber attack, based on available data.
It shows the severity of an event: 1 = low, 5 = critical.
MEASURESOFT
Victim website: | measuresoft.com |
Victim country: | USA |
Attacker name: | Mallox |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 896 GB |
Exfiltrated data type: | N/A |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 04th Oct 23 |
Cyber Risk Factor: | 5 |
ROCK COUNTY WISCONSIN
Victim website: | co.rock.wi.us |
Victim country: | USA |
Attacker name: | Cuba |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Financial documents, correspondence with bank employees, account movements, balance sheets, tax documents, compensation, and source code |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
THE ONE GROUP
Victim website: | theonegroup.co.uk |
Victim country: | United Kingdom |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 101 GB |
Exfiltrated data type: | Employees’ personal information, CVs, driver’s licenses, IDs, Social Security numbers, financial reports, accounting data, loans data, insurance information, and agreements. Additionally, clients’ documentation, including driver’s licenses, IDs, Social Security numbers, financial data, credit card information, loans data, and agreements, has also been compromised. The ransomware group also claims to have obtained a complete network map, including credentials for local and remote services. |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
TOSCANA PROMOZIONE
Victim website: | toscanapromozione.it |
Victim country: | Italy |
Attacker name: | Money Message |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Invoices, PII documents, personal details, financial data, passwords, payrolls, insurance documents, etc. |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
BELLSONICA
Victim website: | bellsonica.co.jp |
Victim country: | Japan |
Attacker name: | NoEscape |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 17 GB |
Exfiltrated data type: | Parts listings, orders, developments, design, backup data, accounting, credits, databases, and thousands of other documents |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
SEFAG ZRT
Victim website: | sefag.hu |
Victim country: | Hungary |
Attacker name: | NoEscape |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 25 GB |
Exfiltrated data type: | Notarial documents, invoices, reports, certificates, residence permits, legal documents, financial sector decisions, drawings, banking information, confidential data, and insurance records |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
EL COLEGIO DE SAN LUIS
Victim website: | colsan.edu.mx |
Victim country: | Mexico |
Attacker name: | NoEscape |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 20 GB |
Exfiltrated data type: | Accounting, financial sector reports, banking information, personal data, certificates, asset declarations, salary deductions, and financial statements |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
TED PELLA
Victim website: | tedpella.com |
Victim country: | USA |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Invoice receipts, accounting documents, personal data, certificates, employment contracts, confidentiality agreements, and personal files |
Leaked data: | / |
Ransom deadline: | 10th Oct 23 |
Cyber Risk Factor: | 4 |
GDL LOGÍSTICA INTEGRADA
Victim website: | gdllogistica.com.br |
Victim country: | Brazil |
Attacker name: | Knight |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 60 GB |
Exfiltrated data type: | Miscellaneous documents |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
AICSA CORPORACION
Victim website: | aicsacorp.com |
Victim country: | Guatemala |
Attacker name: | LockBit 3.0 |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 200 GB |
Exfiltrated data type: | Miscellaneous documents |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | 23rd Oct 23 |
Cyber Risk Factor: | 4 |
SOMAGIC
Victim website: | somagic.fr |
Victim country: | France |
Attacker name: | Medusa |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | $ 100,000 |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 11th Oct 23 |
Cyber Risk Factor: | 4 |
MAXCO SUPPLY
Victim website: | airco-maxco.com |
Victim country: | Belgium |
Attacker name: | Money Message |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | HR, engineering documents, administrative data, databases, etc. |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
MD LOGISTICS
Victim website: | mdlogistics.com |
Victim country: | USA |
Attacker name: | Money Message |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 5 GB |
Exfiltrated data type: | Miscellaneous documents, including financial documents, passports, backups, invoices, etc. |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
SABIAN CYMBALS
Victim website: | sabian.com |
Victim country: | Canada |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Invoices, receipts, accounting documents, personal data, certificates, employment contracts, and more |
Leaked data: | / |
Ransom deadline: | 10th Oct 23 |
Cyber Risk Factor: | 3 |
Stay safe!
Hackmanac Team