news

HACKS OF TODAY 24-25-26/06/2023

Today’s HOT includes 21 victims:
20 ransomware by the notorious Akira, NoEscape, BianLian, Mallox, Rhysida, RansomEXX and MedusaLocker gangs and 1 zero-day exploit by Cl0p.

The average Cyber Risk Factor is 4.0.

Read below the full list.

Disclaimer:

Data are collected from public info published on Dark Web.
The Cyber Risk factor is calculated on cyber attacks’ impact based on available data.
It shows the severity of an event: 1 = low, 5 = critical

PERPETUAL GROUP

Victim website:	perpetualgroup.com
Victim country:	Australia
Attacker name:	Akira
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	700 GB
Exfiltrated data type:	Databases with highly detailed business information
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	5

CREDIT TEAM

Victim website:	creditteam.eu
Victim country:	Italy
Attacker name:	NoEscape
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	12,1 GB
Exfiltrated data type:	financial, tax, confidential documents of the company, as well as important financial and credit documents of their clients. Where there are income documents and credit documents, as well as passport documents of company owners, there are also details and credit data of company owners’ cards. There are financial documents of companies with which the Credit Team worked. In addition to the companies represented here, there are about 100 companies.
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	05^th Jul 23
Cyber Risk Factor:	5

MATEJ BEL UNIVERSITY

Victim website:	umb.sk
Victim country:	Slovakia
Attacker name:	Medusa
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$500,000
Exfiltrated data amount:	Large amount of data
Exfiltrated data type:	Miscellaneous documents
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	03^rd Jul 23
Cyber Risk Factor:	5

GALVESTON COLLEGE

Victim website:	gc.edu
Victim country:	USA
Attacker name:	Akira
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	99 GB
Exfiltrated data type:	Student detailed personal info
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

AMERICAN CRANE RENTAL

Victim website:	americancranerental.net
Victim country:	USA
Attacker name:	BianLian
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	249 GB
Exfiltrated data type:	Accounting data, projects data, subcontractors and vendors, personal data, files from users PC’s, file-server data.
Leaked data:	/
Ransom deadline:	05^th Jul 23
Cyber Risk Factor:	4

MS AMLIN

Victim website:	msamlin.com
Victim country:	United Kingdom
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

ERNST HAUSAMMANN

Victim website:	hausammann.com
Victim country:	Switzerland
Attacker name:	MedusaLocker
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$ 20,000
Exfiltrated data amount:	N/A
Exfiltrated data type:	Client Case – customers email-documents
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

IHK REUTLINGEN

Victim website:	reutlingen.ihk.de
Victim country:	Germany
Attacker name:	MedusaLocker
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$80,000
Exfiltrated data amount:	N/A
Exfiltrated data type:	agreement – email(.msg)- contracts – and other documents
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

KOFF LOGISTIC KFT

Victim website:	kafflogistic.hu
Victim country:	Hungary
Attacker name:	MedusaLocker
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$50,000
Exfiltrated data amount:	N/A
Exfiltrated data type:	agreement – email(outlook files)- contracts – and other documents
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

TLANTIC

Victim website:	tlantic.com
Victim country:	United Kingdom
Attacker name:	Mallox
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	7,26 GB
Exfiltrated data type:	Miscellaneous documents
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

HOCHSCHULE KAISERSLAUTERN

Victim website:	cms.hs-kl.de
Victim country:	Germany
Attacker name:	Rhysida
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	Auction
Exfiltrated data amount:	N/A
Exfiltrated data type:	PII documents
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	27^th Jun 23
Cyber Risk Factor:	4

THE CITY OF NASSAU BAY

Victim website:	nassaubay.com
Victim country:	USA
Attacker name:	Akira
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	45 GB
Exfiltrated data type:	Miscellaneous documents including personal data
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

JACOBS FARM

Victim website:	jacobsfarmtc.com
Victim country:	USA
Attacker name:	RansomEXX
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	399 GB
Exfiltrated data type:	Miscellaneous documents
Leaked data:	100% of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

REAL ESTATE SYSTEMS INTEGRATOR

Victim website:	resionline.com
Victim country:	USA
Attacker name:	Medusa
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	$50,000
Exfiltrated data amount:	Large amount of data
Exfiltrated data type:	Miscellaneous documents
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	03^rd Jul 23
Cyber Risk Factor:	4

CLEARMEDI HEALTHCARE

Victim website:	clearmedi.in
Victim country:	Tunisia
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Personal documents, identity cards, health insurance, patient data (numbers\addresses\registration numbers and others), patient databases, personal data of employees, internal documents, accounts, financial documents, a huge amount of personal data and databases
Leaked data:	/
Ransom deadline:	03^rd Jul 23
Cyber Risk Factor:	4

LYSANDER SHIPPING

Victim website:	lysandershipping.com
Victim country:	United Kingdom
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Invoices, invoice and receipts, internal documents, bank documents, commercial invoices, insurance certificate, contracts, SQL data, financial documents, accounting documents, correspondence files
Leaked data:	/
Ransom deadline:	03^rd Jul 23
Cyber Risk Factor:	4

LEGALILAVORO

Victim website:	legalilavoro.it
Victim country:	Italy
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Identity cards, a huge number of personal files (correspondence, photos, personal data and much more), invoice, financial documents, correspondence, internal documents, client documents, medical certificates, driver’s license, and much more
Leaked data:	/
Ransom deadline:	03^rd Jul 23
Cyber Risk Factor:	4

PNEUMAX

Victim website:	pneumaxspa.com
Victim country:	France
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Invoice, internal documents, bank documents, financial documents, social security numbers, insurance documents, employment contracts, student agreements, accounting documents, identity cards, other.
Leaked data:	/
Ransom deadline:	03^rd Jul 23
Cyber Risk Factor:	4

AKRON-SUMMIT COUNTY PUBLIC LIBRARY

Victim website:	akronlibrary.org
Victim country:	USA
Attacker name:	Akira
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Staff documents
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	3

ALBERTA NEWSPRINT

Victim website:	albertanewsprint.com
Victim country:	Canada
Attacker name:	Rhysida
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	Auction
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous documents
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	29^th Jun 23
Cyber Risk Factor:	3

J.O.B. BETON

Victim website:	job-beton.com
Victim country:	Tunisia
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Internal documents, bank documents, building schemes and projects, identity cards, financial documents, invoice, driver’s license, partner data
Leaked data:	/
Ransom deadline:	03^rd Jul 23
Cyber Risk Factor:	3

Stay safe!

Hackmanac Team

Latest news

HACKS OF TODAY 11-12-13-14-15/05/2024

Today's HOT includes 94 victims by the notorious Hunters International, Rhysida, BianLIan, dAn0n, Qilin, Embargo, Everest, INC Ransom, Black Suit, Monti, Akira, RansomHub, Zero Tolerance...

HACKS OF TODAY 09-10/05/2024

Today's HOT includes 94 victims by the notorious Hunters International, Rhysida, BianLIan, dAn0n, Qilin, Embargo, Everest, INC Ransom, Black Suit, Monti, Akira, RansomHub, Zero Tolerance...

OPERATION CRONOS AND THE MAGNITUDE OF THE LOCKBIT REACTION: 119 PREVIOUSLY UNCLAIMED VICTIMS WORLDWIDE

In recent days, following the events involving the LockBit criminal group and law enforcement with Operation Cronos, the hacker group decided to go all in...