blackbasta attacks Wenzel + Wenzel GmbH
Wenzel + Wenzel GmbH Suffers Ransomware Attack by Blackbasta
Company Overview
Wenzel + Wenzel GmbH, a distinguished construction firm with over six decades of history, is celebrated for its dedication to producing outstanding architecture under the principle that no project is too challenging to undertake. The company has contributed to several notable projects, such as the Badische Staatstheater and the Ulmer Wissenschaftsstadt SCIENCE PARK III, emphasizing sustainability and partnership with other architectural entities.
Vulnerabilities and Targeting
The precise vulnerabilities exploited in the ransomware attack by Blackbasta on Wenzel + Wenzel remain undisclosed. Typically, ransomware syndicates exploit gaps in cybersecurity defenses, including outdated software, unpatched systems, or insufficient password policies. It underscores the importance of maintaining comprehensive cybersecurity protocols to thwart such incursions.
Blackbasta's Attack
Blackbasta, a ransomware collective, has been operational since at least 2020, initially gaining attention with the deployment of Avaddon ransomware. The group employs a JavaScript dropper to deliver a .NET payload and is notorious for appending the .clop extension to files it encrypts, marking its distinct operational footprint.
The breach of Wenzel + Wenzel GmbH by Blackbasta underscores the persistent ransomware menace facing various sectors. It is imperative for enterprises to uphold vigilance and allocate resources towards comprehensive cybersecurity defenses to mitigate the risk of such assaults.
Sources
- Wenzel + Wenzel. (n.d.). Retrieved April 10, 2024, from https://www.wenzel-wenzel.com/de
- ResearchGate. (n.d.). STIX representation of Wannacry Ransomware. Retrieved April 10, 2024, from https://www.researchgate.net/figure/STIX-representation-of-Wannacry-Ransomware_fig2_329064578
- RansomLook. (n.d.). Groups profiles. Retrieved April 10, 2024, from https://www.ransomlook.io/groups
Disclaimer
The Halcyon Attacks Lookout Database is compiled using publicly available information based on the hosting choices of real-world threat actors and data from a variety of trackers. This information is provided in accordance with principles of fair use. Halcyon has made reasonable efforts to sanitize and verify the data; however, we do not guarantee the accuracy, completeness, or reliability of the information provided. Updates to the database are made as new source data becomes available from reputable sources. By accessing, viewing, or using the information within the Halcyon Attacks Lookout Database, you acknowledge and agree to do so entirely at your own risk. No reliance should be placed upon the information for decision-making, and Halcyon disclaims all liability for any inaccuracies or omissions in the data.
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!