Akira Ransomware Attack on Western Dovetail, Inc.
Ransomware Attack on Western Dovetail, Inc. by Akira
Company Profile
Western Dovetail, Inc. specializes in custom wood drawer boxes, offering products that range from $277.95 to $330.25. Based in Vallejo, California, Western Dovetail, Inc. operates within the Construction, Furniture, and Retail sector- The company is distinguished by its blend of old-world craftsmanship and modern technology, ensuring exceptional quality and limitless possibilities for its customers. With 8 employees and $8 million in revenue, Western Dovetail is a key player in its niche market.
Attack Details
The Akira ransomware group targeted Western Dovetail, leaking sensitive data that included employee information (such as addresses, emails, phone numbers, and relatives' contacts), tax and payment information, and some medical data. The group's dark web announcement highlighted Western Dovetail's commitment to maintaining tradition in the modern industry, particularly emphasizing the excellence of dovetail drawers in casework.
Ransomware Group: Akira
Akira is a ransomware group that emerged in March 2023, targeting small to medium-sized businesses across various sectors. Known for its double extortion tactics, the group steals data before encrypting systems and demands ransom for decryption and data deletion. Akira's ransom demands typically range from $200,000 to over $4 million.
Penetration and Vulnerabilities
Akira likely infiltrated Western Dovetail's systems through unauthorized access to VPNs, credential theft, and lateral movement to deploy the ransomware. The group's use of tools like RClone, FileZilla, and WinSCP for data exfiltration, as well as the deployment of a previously unreported backdoor, indicates sophisticated tactics. Western Dovetail's vulnerabilities may have included inadequate cybersecurity measures or outdated software.
Sources:
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!