Qilin Ransomware Strikes Portuguese IT Firm Luso Cuanza

Incident Date: Sep 25, 2024

Attack Overview
VICTIM
Luso Cuanzа
INDUSTRY
Software
LOCATION
Portugal
ATTACKER
Qilin
FIRST REPORTED
September 25, 2024

Qilin Ransomware Group Targets Luso Cuanza in Sophisticated Cyber Attack

Luso Cuanza, a leading Portuguese IT company specializing in Computer-Aided Design (CAD) solutions, has recently fallen victim to a ransomware attack orchestrated by the notorious Qilin group. This incident highlights the growing threat of ransomware attacks on companies operating in the technology sector.

About Luso Cuanza

Established in 1991 and based in Lisbon, Luso Cuanza has built a reputation as a prominent provider of integrated IT solutions, particularly in the realm of CAD for civil engineering and architectural design. The company serves over 600 clients, including major corporations and government institutions, and is recognized for its strategic partnerships with technology giants like Autodesk, HP, and Microsoft. Despite its relatively small workforce of approximately 19 employees, Luso Cuanza has consistently been acknowledged for its excellence as an Autodesk reseller.

Attack Overview

The Qilin ransomware group, known for its sophisticated cyber attacks, has claimed responsibility for the breach. The attackers reportedly gained access to Luso Cuanza's systems, potentially compromising sensitive data and disrupting business operations. The attack underscores the vulnerabilities faced by companies in the IT sector, particularly those with extensive digital assets and client data.

Qilin Ransomware Group

Qilin, also known as Agenda, operates under a Ransomware-as-a-Service (RaaS) model, providing affiliates with tools to conduct ransomware operations. The group distinguishes itself through its use of Rust-based malware, which enhances its evasion capabilities and allows for attacks across multiple operating systems. Qilin employs a double extortion strategy, encrypting data and threatening to release it if ransoms are not paid. Their operations have targeted over 150 organizations globally, affecting sectors such as healthcare and education.

Potential Vulnerabilities

Luso Cuanza's extensive digital infrastructure and reliance on partnerships with major technology firms may have made it an attractive target for Qilin. The company's focus on CAD solutions and its role as an Autodesk reseller suggest a wealth of valuable data that could be exploited by cybercriminals. The attack highlights the importance of effective cybersecurity measures, particularly for companies handling sensitive client information.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.