blackbyte attacks Argonaut Gold

Incident Date: Feb 05, 2022

Attack Overview
VICTIM
Argonaut Gold
INDUSTRY
Minerals & Mining
LOCATION
Mexico
ATTACKER
Blackbyte
FIRST REPORTED
February 5, 2022

Argonaut Gold Suffers Ransomware Attack by Blackbyte

Argonaut Gold, a company operating in the Minerals & Mining sector, has been targeted by the ransomware group Blackbyte. The attack was announced on the group's dark web leak site, and the victim's website is Argonaut Gold is a mid-tier gold producer with a portfolio of producing mines and development projects in Canada and the United States.

The company's website does not provide detailed information about its size or specific vulnerabilities that may have contributed to the attack. However, it is known that Blackbyte is a ransomware group that uses a dropper written in JavaScript to deploy a .NET payload. The group has been active since at least November 18, 2021, and supports execution on various operating systems, including Windows, Linux, and VMWare ESXi.

Blackbyte is known for deploying ransomware as a service (RaaS), and its ransomware, ALPHV, is written in the Rust programming language and supports execution on multiple platforms. ALPHV can encrypt files using either the AES or ChaCha20 algorithms and can delete volume shadow copies, stop processes and services, and stop virtual machines on ESXi servers.

Argonaut Gold's website does not provide information about its cybersecurity measures or any recent data breaches. However, it is known that data breaches can occur due to intentional hacking, criminal cyber-attacks, or human error, and they can lead to personal data breaches and put the personal information of individuals at risk.

The attack on Argonaut Gold is part of a larger trend of ransomware attacks on organizations worldwide, causing personal data breaches in many cases. Law enforcement and IT security companies have joined forces to disrupt cybercriminal businesses with ransomware connections.

Argonaut Gold has not issued a public statement about the attack or its response to it. The company's website does not provide a contact page or any other means for users to report issues or request assistance.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.