alphv attacks Innotec #100 | LED Lighting and Technology Manufacturer
Innotec #100 | LED Lighting and Technology Manufacturer Targeted by ALPHV Ransomware Group
Company Overview
Innotec, a leading LED lighting and counterweight manufacturer, has been targeted by the ALPHV ransomware group, as reported on the dark web leak site. The company, which operates in the manufacturing sector, has a website at http://www.innotecgroup.com/.
Innotec is known for its commitment to innovation and sustainability. The company has developed numerous patents and trade secrets over the last 30 years, focusing on industrial LED lighting, headrest stays, and metal forming, as well as counterweights. Innotec is dedicated to promoting sustainability by producing PCB-free LED lighting and recycled-material counterweights, minimizing its environmental impact and providing customers with more sustainable and cost-effective solutions.
Vulnerabilities and Targeting
The ALPHV ransomware group, also known as BlackCat, has been observed targeting various organizations worldwide since November 18, 2021. ALPHV is written in the Rust programming language and supports execution on Windows, Linux-based operating systems, and VMWare ESXi. The group can encrypt files using either the AES or ChaCha20 algorithms and can delete volume shadow copies, stop processes and services, and stop virtual machines on ESXi servers to maximize the amount of ransomed data.
Mitigation and Response
In the wake of this attack, it is crucial for Innotec and other organizations to implement robust cybersecurity measures to protect against ransomware attacks. This includes regular software updates, employee training, and the use of multi-factor authentication (MFA) to prevent unauthorized access. Additionally, organizations should consider implementing defense-in-depth strategies, such as automated moving target defense (AMTD), to deter and delay attackers.
Sources
- Ransomware Posts - GitHub Pages: https://github.com
- Groups profiles - RansomLook
- cybersecurity--q3-2023.pdf - Houlihan Lokey: https://www.hl.com
Disclaimer
The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources. By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!