HACKS OF TODAY 17-18-19/06/2023
Today’s HOT includes 29 victims:
13 ransomware attacks by the notorious LockBit 3.0, ALPHV/BlackCat, Rhysida, Mallox, Medusa and 8Base gangs, 13 zero-day exploits by Cl0p, 1 data breach and 2 supply chain attacks.
The average Cyber Risk Factor is 4.0.
Read below the full list.
Disclaimer:
Data are collected from public information published on the Dark Web.
The Cyber Risk Factor is calculated from the impact of each cyber attack, based on available data.
It shows the severity of an event: 1 = low, 5 = critical.
CONCELLO DE CANGAS
Victim website: | cangas.gal |
Victim country: | Spain |
Attacker name: | LockBit 3.0 |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous documents including personal data, finance and accounting, police data |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 23rd Jun 23 |
Cyber Risk Factor: | 5 |
THE BOSTON GLOBE
Victim website: | bostonglobe.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
REDDIT
Victim website: | reddit.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Data breach |
Ransom demand: | $ 4,500,000 |
Exfiltrated data amount: | 80 GB (zipped) |
Exfiltrated data type: | Confidential data |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 5 |
LOONGSON TECHNOLOGY
Victim website: | loongson.cn |
Victim country: | China |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 120 GB |
Exfiltrated data type: | Files, projects, tests, chips, patents, financing and a huge amount of other information, intellectual property |
Leaked data: | / |
Ransom deadline: | 26th Jun 23 |
Cyber Risk Factor: | 5 |
PRA GROUP
Victim website: | pragroup.no |
Victim country: | Norway |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
MARTI GRUPPE
Victim website: | marti.com |
Victim country: | Switzerland |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
CEGEDIM
Victim website: | cegedim.com |
Victim country: | France |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
STIWA
Victim website: | stiwa.com |
Victim country: | Austria |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
CHINA CITIC BANK INTERNATIONAL LIMITED
Victim website: | cncbinternational.com |
Victim country: | China |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ARBURG
Victim website: | arburg.com |
Victim country: | Germany |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
IC SYSTEM
Victim website: | icsystem.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
UNIVERSITY OF MISSOURI SYSTEM
Victim website: | umsystem.edu |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
COLUMBIA BANK
Victim website: | umpquabank.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
PAN-AMERICAN LIFE INSURANCE GROUP
Victim website: | palig.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
NUANCE
Victim website: | nuance.com |
Victim country: | USA |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
AON
Victim website: | aon.com |
Victim country: | Ireland |
Attacker name: | Cl0p |
Attacker class: | Cybercrime |
Attack technique: | Zero-Day Vulnerability in MOVEit |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
CREATIVE LIQUID COATINGS
Victim website: | creativeliquidcoatings.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 100 GB |
Exfiltrated data type: | Miscellaneous documents including information from CK Technologies and McKechnie Vehicle Components, 1600 SSNs, credit history and many confidential data |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
CK TECHNOLOGIES
Victim website: | cktech.biz |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Supply chain attack |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous documents including confidential data and SSNs |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
MCKECHNIE VEHICLE COMPONENTS
Victim website: | mvcusa.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Supply chain attack |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous documents including confidential data and SSNs |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
BAUER BUILT
Victim website: | bauerbuilt.com |
Victim country: | USA |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Financial and accounting documents – Personal information and passport data – Databases – Auditor’s reports and strategic information – Marketing data – NDA and Contract Documents – RND – Correspondence history and conversations with company management |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
ZIEGELWERK EDER
Victim website: | ziegel-eder.de |
Victim country: | Germany |
Attacker name: | Rhysida |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous documents |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
TDM PERÚ
Victim website: | tdm.com.pe |
Victim country: | Peru |
Attacker name: | LockBit 3.0 |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Miscellaneous documents |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | 17th Jun 23 |
Cyber Risk Factor: | 4 |
TYCONZ
Victim website: | tyconz.com |
Victim country: | Qatar |
Attacker name: | Rhysida |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous including backups |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
BANGKOK INDUSTRIAL GAS
Victim website: | bigth.com |
Victim country: | Thailand |
Attacker name: | Mallox |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 5 GB |
Exfiltrated data type: | Miscellaneous documents |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
EDER ZUKUNFT BAUEN
Victim website: | eder.co.at |
Victim country: | Austria |
Attacker name: | Rhysida |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous documents |
Leaked data: | 100% of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 4 |
FHR ELECTRIC
Victim website: | electricianaz.wpengine.com |
Victim country: | USA |
Attacker name: | Medusa |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | $ 100,000 |
Exfiltrated data amount: | Large amount of data |
Exfiltrated data type: | Miscellaneous including projects and PII documents |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | 27th Jun 23 |
Cyber Risk Factor: | 4 |
PORT BLUE HOTEL GROUP
Victim website: | portbluehotels.com |
Victim country: | Spain |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | 300,000 lines |
Exfiltrated data type: | Database with passports and other personal data |
Leaked data: | / |
Ransom deadline: | 26th Jun 23 |
Cyber Risk Factor: | 4 |
THE DUFRESNE GROUP
Victim website: | thedufresnegroup.ca |
Victim country: | Canada |
Attacker name: | ALPHV/BlackCat |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | Driving licenses, passports, agreements, etc. |
Leaked data: | Sample with proof of the exfiltrated data |
Ransom deadline: | N/A |
Cyber Risk Factor: | 3 |
FUTURA AGRONEGÓCIOS
Victim website: | futuraagro.com.br |
Victim country: | Brazil |
Attacker name: | 8Base |
Attacker class: | Cybercrime |
Attack technique: | Ransomware |
Ransom demand: | N/A |
Exfiltrated data amount: | N/A |
Exfiltrated data type: | N/A |
Leaked data: | / |
Ransom deadline: | 26th Jun 23 |
Cyber Risk Factor: | 2 |
Stay safe!
Hackmanac Team