news

HACKS OF TODAY 07/09/2023

Today’s HOT includes 20 victims:

19 ransomware by the notorious ALPHV/BlackCat, Dunghill Leak, LockBit 3.0, Akira, Knight, BlackByte, INC Ransom and Cactus gangs and 1 data breach by Ragnar Locker.

The average Cyber Risk Factor is 4.2.

Read below the full list.

Disclaimer:

Data are collected from public info published on Dark Web.
The Cyber Risk factor is calculated on cyber attacks’ impact based on available data.
It shows the severity of an event: 1 = low, 5 = critical

SABRE CORPORATION

Victim website:	sabre.com
Victim country:	USA
Attacker name:	Dunghill Leak
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	1,3 TB
Exfiltrated data type:	Databases on ticket sales in different online aggregators, online aggregators’ revenue database, databases on passenger turnover, databases with client data, scans of clients’ passports in attached files, personal info of employees, scans of documents containing name, insurance number, address, personal e-mail, personal phone number, table containing residential addresses of all employees, table containing passport data of employees and data of labor visas, table with all employees containing full name, title, status, place of work, supervisors, business mailing address, salary table, bank account information, balance sheet data, Female cash flow data, treasury vault data, payroll data, company cash analysis data, airflite-client application files, source code, logs
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	5

MAYANEI HAYESHUA MEDICAL CENTER

Victim website:	mymc.co.il
Victim country:	Israel
Attacker name:	Ragnar Locker
Attacker class:	Cybercrime
Attack technique:	Data breach through vulnerability
Ransom demand:	N/A
Exfiltrated data amount:	402 GB
Exfiltrated data type:	Personal information, internal emails, finances, medical cards and more of highly sensitive data, SQL database, .pst files with internal correspondence
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	5

ONYX-FIRE PROTECTION SERVICES

Victim website:	onyx-fire.com
Victim country:	USA
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	800 GB
Exfiltrated data type:	Financial documents (balance sheets, budget, PL reports, expense reports, bank statements, statements of payables and receivables, various tax forms and reports, audits, cashflow, and many other important financial documents) Employees (sin numbers, residential addresses, date of birth, salary, contracts) NDA forms, contracts, customer base with personal data, projects, various claims
Leaked data:	100% of the exfiltrated data
Ransom deadline:	06^th Sep 23
Cyber Risk Factor:	5

RAGASA

Victim website:	ragasa.com.mx
Victim country:	Mexico
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	897,8 GB
Exfiltrated data type:	Employee documents, financial data, PII documents, contracts, etc.
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	16^th Sep 23
Cyber Risk Factor:	5

CONCREJATO

Victim website:	concrejato.com.br
Victim country:	Brazil
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$ 699,999
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	20^th Sep 23
Cyber Risk Factor:	5

ENERGY ONE

Victim website:	energyone.com
Victim country:	Australia
Attacker name:	Akira
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	77 GB
Exfiltrated data type:	projects with big business names, financial documents, contracts, and HR information as well
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

SOLANO-NAPA PET EMERGENCY CLINIC

Victim website:	solanopetemergency.com
Victim country:	USA
Attacker name:	Knight
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	All clients and patients, phone payment authorization, employee information, exfiltrated records include personal information such as name, address, employee id number, and w-2 or 1099 details such as social security number or taxpayer id number, usernames, passwords
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

AYASS BIOSCIENCE

Victim website:	ayassbioscience.com
Victim country:	USA
Attacker name:	ALPHV/BlackCat
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous documents including client data
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

SMEAD

Victim website:	smead.com
Victim country:	USA
Attacker name:	BlackByte
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous including confidential documents, financial data and client information
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

GORMAN & COMPANY

Victim website:	gormanusa.com
Victim country:	USA
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	237 GB
Exfiltrated data type:	Database
Leaked data:	100% of the exfiltrated data
Ransom deadline:	06^th Sep 23
Cyber Risk Factor:	4

QSOFT

Victim website:	qsoftnet.com
Victim country:	Spain
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$ 249,999
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	20^th Sep 23
Cyber Risk Factor:	4

MEROSO FOODS

Victim website:	meroso.be
Victim country:	Belgium
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$ 249,999
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	20^th Sep 23
Cyber Risk Factor:	4

PROTOSIGN SRL

Victim website:	protosign.it
Victim country:	Italy
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	Started from $200,000
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	20^th Sep 23
Cyber Risk Factor:	4

NOBLE GROUP

Victim website:	nobleweb.com
Victim country:	USA
Attacker name:	LockBit 3.0
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	260 GB
Exfiltrated data type:	SSN numbers, residential addresses, date of birth, salary and tax information, contracts, and other confidential forms for employees budget, cash flow, balance sheet, tax returns, 1099 forms, 401 report, project calculations, YTD reports, bank statements, various audit reports, information on investment committees, reports to investors, explanatory notes and many other financial documents) NDA, information about borrowers, information about investors, data on escrow, information about projects, contracts, and much more)
Leaked data:	100% of the exfiltrated data
Ransom deadline:	06^th Sep 23
Cyber Risk Factor:	4

SPECIALISED MANAGEMENT SERVICES

Victim website:	sms-alderley.com
Victim country:	United Kingdom
Attacker name:	Cactus
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Passports, confidential documents, financial data, etc.
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

TORMAX USA

Victim website:	tormaxusa.com
Victim country:	USA
Attacker name:	Cactus
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Agreements, financial data, PII documents, etc.
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

WEST CRAFT MANUFACTURING

Victim website:	westcraftmfg.net
Victim country:	USA
Attacker name:	Cactus
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Passports, agreements, accident reports, etc.
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

TRIMARAN CAPITAL PARTNERS

Victim website:	trimarancapital.com
Victim country:	USA
Attacker name:	Cactus
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Passports, confidential documents, financial data, etc.
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

I KEATING FURNITURE WORLD

Victim website:	ikeatingfurniture.com
Victim country:	USA
Attacker name:	INC Ransom
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous documents
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	3

IT4 SOLUTIONS ROBRAS CORP

Victim website:	it4solutions.net
Victim country:	USA
Attacker name:	INC Ransom
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous documents including transactions, internal documents, financial data, etc.
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	3

Stay safe!

Hackmanac Team

Latest news

CORRECTION ON MALASLOCKER ACTIVITIES

Following further information provided to us directly by the Italian company BeeVoip, it is necessary to correct a detail from our previous post regarding the...

HACKS OF TODAY 28/09/2023

Today's HOT includes 7 ransomware victims by the notorious Akira, NoEscape, ALPHV/BlackCat, ThreeAM, 8Base and Cactus gangs. The average Cyber Risk Factor is 3.7. Read below the...

HACKS OF TODAY 27/09/2023

Today's HOT includes 13 ransomware victims by the notorious Dunghill Leak, ALPHV/BlackCat, NoEscape, Medusa, Akira, Qilin, 8Base and Cactus gangs. The average Cyber Risk Factor is 4.1....