RansomHub Strikes Okuant Limited: A Cybersecurity Threat
Ransomware Attack on Okuant Limited by RansomHub
Victim Overview
Okuant Limited, a real estate investment company based in Madrid, Spain, fell victim to a ransomware attack orchestrated by the cybercriminal group RansomHub. The company specializes in the acquisition and management of real estate portfolios, aiming to generate profitability for its clients in the Spanish real estate market.
Company Size and Standout Features
The company has a workforce of over 100 full-time employees and is known for its technology that enables real-time detection and valuation of investment opportunities. This, along with its market positioning and negotiation power, makes it a reliable option for investment procedures.
Attack Details
The ransomware attack on Okuant resulted in the exfiltration of 5 GB of data, including customers' and employees' information, financial data, and more. The attackers, RansomHub, did not disclose the specific ransom demand, but they leaked a sample of the compromised data as part of the attack's consequences.
Ransomware Group - RansomHub
RansomHub is a new ransomware group known for making claims and backing them up with data leaks. The group operates as a Ransomware-as-a-Service (RaaS) entity, with affiliates receiving 90% of the ransom money. RansomHub has targeted various countries, including the US, Brazil, Indonesia, and Vietnam, with a focus on healthcare-related institutions.
Attack Vector
RansomHub's ransomware strains are written in Golang, a language choice that aligns with recent trends in the ransomware landscape. The group's operations resemble a traditional Russian ransomware setup, indicating potential roots in Russia. The use of AI technology in ransomware attacks has made them more effective, increasing the volume of attacks and posing a significant threat to organizations like Okuant Limited.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!