LockBit 3.0 Ransomware Attack on Moga International Ltd.

Incident Date: May 09, 2024

Attack Overview
VICTIM
Moga International Ltd.
INDUSTRY
Manufacturing
LOCATION
Israel
ATTACKER
Lockbit
FIRST REPORTED
May 9, 2024

Ransomware Attack on Moga International Ltd. by LockBit 3.0

Victim Profile

Moga International Ltd., operating under the brand name Mogaisrael, is a family-owned private company based in Israel. They are the leading importer of high-quality and Kosher raw materials for the food industry in Israel. The company specializes in dried vegetables, fruits, spices, and food additives, catering to various industries such as food, dairy farms, and meat processing.

Company Standout

Moga International stands out for its commitment to providing a winning combination of quality and Kashrut solutions, including for Passover, tailored to the unique needs of each client. They collaborate with Kashrut institutions in Israel and worldwide to ensure the highest standards.

Attack and Vulnerabilities

The cyberattack on Moga International by LockBit 3.0 involved the use of ransomware to compromise the victim's systems. Instead of demanding a ransom for decryption, the attacker fully published leaked data, including sensitive information like agreements, financial data, and personally identifiable information. This data exposure poses significant risks to the company, its clients, and stakeholders.

Being a prominent importer of high-quality and Kosher raw materials, Moga International may have been targeted by threat actors due to the sensitive nature of the data they handle. The company's reputation and relationships with clients could be at risk due to the exposure of this sensitive information.

Ransomware Group Details

The LockBit 3.0 ransomware group, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates since January 2020. LockBit 3.0 is considered one of the most dangerous and disruptive ransomware threats currently active, with advanced features like file encryption, desktop modifications, and lateral movement through networks.

LockBit May Attacks

This is part of the May 2024 attacks by LockBit 3.0, a cybercriminal group, resurfaced with vigor following the disruption of its infrastructure during "Operation Cronos," a collaborative effort by international law enforcement agencies. Despite arrests and the dismantling of its data leak site, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform, with subsequent attacks adding to the tally. These assaults spanned various sectors and countries, showcasing LockBit's global reach and adaptability.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.