HACKS OF TODAY 25/08/2023
Today’s HOT includes 15 ransomware victims by the notorious NoEscape, Play, ALPHV/BlackCat, LockBit 3.0, 8Base, Medusa and Rhysida gangs.
The average Cyber Risk Factor is 4.3.
Read below the full list.
Disclaimer:
Data are collected from public information published on the Dark Web.
The Cyber Risk Factor is calculated from the impact of each cyber attack, based on available data.
It shows the severity of an event: 1 = low, 5 = critical.
FIOCRUZ
Victim website: | fiocruz.br |
Victim country: | Brazil |
Attacker name: | NoEscape |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 500 GB |
Exfiltrated data type: | Backups and databases, projects, legal documents, financial data, confidential agreements, HR sensitive and confidential data of clients and partners, passports, etc. |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | 27th Aug 23 |
Cyber Risk Factor: | 5 |
TRIMARAN CAPITAL PARTNERS
Victim website: | trimarancapital.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 2 TB |
Exfiltrated data type: | Personal data, documents and photos of your customers and employees, financial records, non-disclosure information, bank details, directors’ credit transactions and much more |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
ALFAGOMMA
Victim website: | alfagomma.com |
Victim country: | Italy |
Attacker name: | Play |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 937 GB |
Exfiltrated data type: | Private and personal confidential data, client and employee documents, contracts, IDs, HR, finance information, a lot of technical documentation, etc. |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
ARGUS FLUIDHANDLING
Victim website: | argusfluidhandling.com |
Victim country: | United Kingdom |
Attacker name: | Play |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 937 GB |
Exfiltrated data type: | Private and personal confidential data, client and employee documents, contracts, IDs, HR, finance information, a lot of technical documentation, etc. |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
SENAC-RS
Victim website: | senacrs.com.br |
Victim country: | Brazil |
Attacker name: | LockBit 3.0 |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous documents including PII documents and customer information |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | 29th Aug 23 |
Cyber Risk Factor: | 4 |
SYDENHAM LABORATORIES
Victim website: | sydenhamlab.com |
Victim country: | Philippines |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 63 GB |
Exfiltrated data type: | Receipts, accounting documents, personal data, certificates, employment contracts, other |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | 01st Sep 23 |
Cyber Risk Factor: | 4 |
FA FOUNDRY
Victim website: | fafoundry.com |
Victim country: | Mexico |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 55,6 GB |
Exfiltrated data type: | Invoice, receipts, accounting documents, personal data, certificates, employment contracts, other |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | 01st Sep 23 |
Cyber Risk Factor: | 4 |
INSTITUTO NACIONAL DE ELECTRIFICACION
Victim website: | inde.gob.gt |
Victim country: | Guatemala |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 30,5 GB |
Exfiltrated data type: | Invoice, receipts, accounting documents, personal data, certificates, employment contracts |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | 01st Sep 23 |
Cyber Risk Factor: | 4 |
PRINCE GEORGE’S COUNTY PUBLIC SCHOOLS
Victim website: | pgcps.org |
Victim country: | Rhysida |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | PII documents and financial data |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
HFH CAPITAL
Victim website: | hfhcapital.com |
Victim country: | USA |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 22,6 GB |
Exfiltrated data type: | Invoice, receipts, accounting documents, personal data, certificates, employment contracts, a huge amount of confidential information, confidentiality agreements, personal files of clients |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | 01st Sep 23 |
Cyber Risk Factor: | 4 |
EPF
Victim website: | X |
Victim country: | Italy |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Financial and banking documents – Engineering information of EPF, their partners and customers – Banking and insurance information – Accesses to various EPF resources – Personal data – NDA documents and contacts – Employee correspondence |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
AXIS ELEVATORS
Victim website: | axiselevators.co.uk |
Victim country: | United Kingdom |
Attacker name: | Medusa |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | $ 200,000 |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous including financial data, PII documents, employees’ information, etc. |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | 02nd Sep 23 |
Cyber Risk Factor: | 4 |
DURHAM FASTENERS
Victim website: | durhamindustrialgroup.com |
Victim country: | Canada |
Attacker name: | Medusa |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | $ 100,000 |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Accounting, backups, signatures, etc. |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | 01st Sep 23 |
Cyber Risk Factor: | 4 |
LEN ITALIA
Victim website: | gruppolen.it |
Victim country: | Italy |
Attacker name: | Medusa |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | $ 100,000 |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous including customer information, PII documents, etc. |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | 01st Sep 23 |
Cyber Risk Factor: | 4 |
DEMCOINTER
Victim website: | demcointer.com |
Victim country: | Tunisia |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous including financial documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
Stay safe!
Hackmanac Team