LockBit 3.0 Ransomware Attack on Moga International Ltd.
Ransomware Attack on Moga International Ltd. by LockBit 3.0
Victim Profile
Moga International Ltd., operating under the brand name Mogaisrael, is a family-owned private company based in Israel. They are the leading importer of high-quality and Kosher raw materials for the food industry in Israel. The company specializes in dried vegetables, fruits, spices, and food additives, catering to various industries such as food, dairy farms, and meat processing.
Company Standout
Moga International stands out for its commitment to providing a winning combination of quality and Kashrut solutions, including for Passover, tailored to the unique needs of each client. They collaborate with Kashrut institutions in Israel and worldwide to ensure the highest standards.
Attack and Vulnerabilities
The cyberattack on Moga International by LockBit 3.0 involved the use of ransomware to compromise the victim's systems. Instead of demanding a ransom for decryption, the attacker fully published leaked data, including sensitive information like agreements, financial data, and personally identifiable information. This data exposure poses significant risks to the company, its clients, and stakeholders.
Being a prominent importer of high-quality and Kosher raw materials, Moga International may have been targeted by threat actors due to the sensitive nature of the data they handle. The company's reputation and relationships with clients could be at risk due to the exposure of this sensitive information.
Ransomware Group Details
The LockBit 3.0 ransomware group, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates since January 2020. LockBit 3.0 is considered one of the most dangerous and disruptive ransomware threats currently active, with advanced features like file encryption, desktop modifications, and lateral movement through networks.
LockBit May Attacks
This is part of the May 2024 attacks by LockBit 3.0, a cybercriminal group, resurfaced with vigor following the disruption of its infrastructure during "Operation Cronos," a collaborative effort by international law enforcement agencies. Despite arrests and the dismantling of its data leak site, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform, with subsequent attacks adding to the tally. These assaults spanned various sectors and countries, showcasing LockBit's global reach and adaptability.
Sources:
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!