Ransomware Attack by DonutLeaks Compromises All-Mode Communications' Systems
Overview of All-Mode Communications
All-Mode Communications, Inc., based in Freeville, New York, has been a cornerstone in the telecommunications sector since 1972. Specializing in designing and installing voice, video, and data solutions, the company serves businesses in the Central New York region. Despite its small size, with approximately five employees, All-Mode has built a reputation for providing high-quality, customized communication systems. Their offerings include both on-premises and cloud-based VoIP phone systems, cabling infrastructure, trunking services, and data networking solutions.
Details of the Ransomware Attack
All-Mode Communications recently fell victim to a ransomware attack orchestrated by the cybercriminal group DonutLeaks. The attack has compromised the company's data and systems, potentially leading to significant operational disruptions and financial losses. While the specifics of the ransom demand and the extent of the data breach are yet to be disclosed, the incident highlights the growing threat of ransomware attacks on small and medium-sized businesses.
About DonutLeaks Ransomware Group
DonutLeaks is a data extortion group first detected in August 2022. Known for its double-extortion tactics, the group encrypts files and leaks stolen data to extort victims. They use customized ransomware that scans for specific file extensions to encrypt and renames the encrypted files with the ".d0nut" extension. The group maintains a data storage site where stolen data can be browsed and downloaded by visitors. DonutLeaks is also known for its theatrical ransom notes and data leak site, which feature interesting graphics, humor, and ASCII art.
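The renaming behavior described above gives defenders a simple signal to watch for. The following is an added example, not code from this article or from any vendor: it flags hosts where several files gain the ".d0nut" extension within a short window. The log format, host names, window and threshold are assumptions made for the illustration, and the events are expected in time order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

EXT = ".d0nut"                  # extension named in the paragraph above
WINDOW = timedelta(seconds=60)  # assumed burst window
THRESHOLD = 3                   # assumed renames per window before alerting

# Constructed log format (hypothetical, not taken from any real product).
LINE_RE = re.compile(
    r"^(?P<ts>\S+) host=(?P<host>\S+) event=rename old=(?P<old>.+?) new=(?P<new>.+)$"
)

# Constructed sample events, in time order.
SAMPLE_LOG = r"""
2024-01-01T09:00:00Z host=FS01 event=rename old=D:\share\q1.xlsx new=D:\share\q1.xlsx.d0nut
2024-01-01T09:00:02Z host=FS01 event=rename old=D:\share\plan.docx new=D:\share\plan.docx.d0nut
2024-01-01T09:00:05Z host=FS01 event=rename old=D:\share\My Docs\cad.dwg new=D:\share\My Docs\cad.dwg.D0NUT
2024-01-01T09:00:07Z host=WS02 event=rename old=C:\work\draft.txt new=C:\work\final.txt
2024-01-01T09:00:10Z host=WS03 event=rename old=C:\docs\one.pdf new=C:\docs\one.pdf.d0nut
2024-01-01T09:30:00Z host=WS03 event=rename old=C:\docs\two.pdf new=C:\docs\two.pdf.d0nut
"""

def detect_bursts(log_text, window=WINDOW, threshold=THRESHOLD):
    """Return {host: timestamp of the event that first crossed the threshold}."""
    recent = defaultdict(deque)   # host -> times of recent matching renames
    alerts = {}
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # blank or unparseable line
        old, new = m["old"].lower(), m["new"].lower()
        # Count only files that gain the extension; skip already-renamed ones.
        if not new.endswith(EXT) or old.endswith(EXT):
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        q = recent[m["host"]]
        q.append(ts)
        while ts - q[0] > window: # drop events that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            alerts.setdefault(m["host"], m["ts"])
    return alerts

if __name__ == "__main__":
    for host, ts in detect_bursts(SAMPLE_LOG).items():
        print(f"ALERT {host}: {THRESHOLD}+ renames to {EXT} within {WINDOW} at {ts}")
```

In the sample, FS01 alerts on its third rename, while WS03 stays quiet because its two matching renames are twenty minutes apart.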
Potential Vulnerabilities and Penetration Methods
Given All-Mode Communications' small size and limited resources, the company may have been particularly vulnerable to sophisticated cyberattacks. Small businesses often lack the robust cybersecurity measures that larger enterprises can afford, making them attractive targets for ransomware groups like DonutLeaks. The exact method of penetration remains unclear, but common vectors include phishing emails, unpatched software vulnerabilities, and weak network security protocols.