news

HACKS OF TODAY 26/07/2023

Today’s HOT includes 37 victims:

13 ransomware by the notorious Everest, Medusa, Akira, NoEscape, BlackBasta, 8Base, Rhysida and 24 zero-day exploit by Cl0p.

The average Cyber Risk Factor is 4.1.

Read below the full list.

Disclaimer:

Data are collected from public info published on Dark Web.
The Cyber Risk factor is calculated on cyber attacks’ impact based on available data.
It shows the severity of an event: 1 = low, 5 = critical

AJOOMAL ASOCIADOS

Victim website:	ajoomal.com
Victim country:	Spain
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	5

FERRING PHARMACEUTICALS

Victim website:	ferring.com
Victim country:	Switzerland
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	44 GB
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	5

CHEVRON FEDERAL CREDIT UNION

Victim website:	chevronfcu.org
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	5

HINDUJA GROUP

Victim website:	hindujagroup.com
Victim country:	India
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	5

GOAL SOLUTIONS

Victim website:	goalsolutions.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	5

KOVAIR SOFTWARE

Victim website:	kovair.com
Victim country:	India
Attacker name:	Everest
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	200 GB
Exfiltrated data type:	Project source codes, personal data of employees, various internal work documents.
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	03^rd Aug 23
Cyber Risk Factor:	5

ORAU

Victim website:	orau.org
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	88 GB
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

AMF

Victim website:	amf.se
Victim country:	Sweden
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

ENCOREANYWHERE

Victim website:	encoreanywhere.com
Victim country:	Netherlands
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

PRO2COL

Victim website:	pro2col.com
Victim country:	United Kingdom
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

BAXTER INTERNATIONAL

Victim website:	hillrom.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	81 GB
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

DRYDOCKS WORLD

Victim website:	drydocks.gov.ae
Victim country:	UAE
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	204 GB
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

ARROW COMPONENTS

Victim website:	arrow.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

MAXIMUS

Victim website:	maximus.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	169 GB
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

HALLMARK CHANNEL

Victim website:	hallmarkchannel.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

PBI RESEARCH SERVICES

Victim website:	pbinfo.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	99 GB
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

MEDICAL EYE SERVICES

Victim website:	mesvision.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

QBITS

Victim website:	qbits.ch
Victim country:	Switzerland
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

COLLEGE OF AMERICAN PATHOLOGISTS

Victim website:	cap.org
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	530 GB
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

SBM OFFSHORE

Victim website:	sbmoffshore.com
Victim country:	Netherlands
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	612 GB
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

FANUC

Victim website:	fanucamerica.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	86 GB
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

GENSLER

Victim website:	gensler.com
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

MEDICAL COLLEGE OF WISCONSIN

Victim website:	mcw.edu
Victim country:	USA
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

SMURFIT KAPPA

Victim website:	smurfitkappa.com
Victim country:	Ireland
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

GARRETT MOTION

Victim website:	garrettmotion.com
Victim country:	Switzerland
Attacker name:	Cl0p
Attacker class:	Cybercrime
Attack technique:	Zero-Day Vulnerability in MOVEit (CVE-2023-34362)
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	N/A
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

BECHT ENGINEERING

Victim website:	becht.com
Victim country:	USA
Attacker name:	Akira
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Information of employees, projects, financials, and business processes information
Leaked data:	/
Ransom deadline:	N/A
Cyber Risk Factor:	4

RAMPI

Victim website:	rampi.com
Victim country:	Italy
Attacker name:	NoEscape
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	100 GB
Exfiltrated data type:	Banking, commission data from 2016 to March 2023, reports, scans, finance, contracts and much more
Leaked data:	/
Ransom deadline:	04^th Aug 23
Cyber Risk Factor:	4

BSB-STEUERBERATUNGSGESELLSCHAFT

Victim website:	bsb-steuerberatung.de
Victim country:	Germany
Attacker name:	BlackBasta
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous including personal data and passports
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	N/A
Cyber Risk Factor:	4

MIRANDA BROKERAGE

Victim website:	mirandacustomsbrokerage.com
Victim country:	USA
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information
Leaked data:	/
Ransom deadline:	01^st Aug 23
Cyber Risk Factor:	4

INSTITUT MENSALUS S.L.

Victim website:	mensalus.es
Victim country:	Spain
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information
Leaked data:	/
Ransom deadline:	01^st Aug 23
Cyber Risk Factor:	4

KERSEY CO

Victim website:	kerseygov.com
Victim country:	USA
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information
Leaked data:	/
Ransom deadline:	01^st Aug 23
Cyber Risk Factor:	4

BOOMDATA

Victim website:	boomdata.com.au
Victim country:	Australia
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information
Leaked data:	/
Ransom deadline:	01^st Aug 23
Cyber Risk Factor:	4

UNIVERSITY OF SALERNO

Victim website:	unisa.it
Victim country:	Italy
Attacker name:	Rhysida
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	12 BTC
Exfiltrated data amount:	N/A
Exfiltrated data type:	Miscellaneous including passports
Leaked data:	Sample with proof of the exfiltrated data
Ransom deadline:	02^ndAug 23
Cyber Risk Factor:	4

SPECTRA INDUSTRIAL

Victim website:	spectra.com.pg
Victim country:	Papua New Guinea
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information.
Leaked data:	/
Ransom deadline:	01^st Aug 23
Cyber Risk Factor:	3

FANSIPAN CONSTRUCTION CONSULTANTS

Victim website:	fansipan.com.vn
Victim country:	Vietnam
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information
Leaked data:	/
Ransom deadline:	01^st Aug 23
Cyber Risk Factor:	3

DV8 TECHNOLOGY GROUP

Victim website:	dv8techgroup.com
Victim country:	South Africa
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information
Leaked data:	/
Ransom deadline:	01^st Aug 23
Cyber Risk Factor:	3

CROWD

Victim website:	crowd.pt
Victim country:	Portugal
Attacker name:	8Base
Attacker class:	Cybercrime
Attack technique:	Ransomware
Ransom demand:	N/A
Exfiltrated data amount:	N/A
Exfiltrated data type:	Personal information of the company’s clients, personal correspondence, financial statements, documents containing confidential information
Leaked data:	/
Ransom deadline:	01^st Aug 23
Cyber Risk Factor:	3

Stay safe!

Hackmanac Team

Latest news

HACKS OF TODAY 11-12-13-14-15/05/2024

Today's HOT includes 94 victims by the notorious Hunters International, Rhysida, BianLIan, dAn0n, Qilin, Embargo, Everest, INC Ransom, Black Suit, Monti, Akira, RansomHub, Zero Tolerance...

HACKS OF TODAY 09-10/05/2024

Today's HOT includes 94 victims by the notorious Hunters International, Rhysida, BianLIan, dAn0n, Qilin, Embargo, Everest, INC Ransom, Black Suit, Monti, Akira, RansomHub, Zero Tolerance...

OPERATION CRONOS AND THE MAGNITUDE OF THE LOCKBIT REACTION: 119 PREVIOUSLY UNCLAIMED VICTIMS WORLDWIDE

In recent days, following the events involving the LockBit criminal group and law enforcement with Operation Cronos, the hacker group decided to go all in...