Ransomware Attack Hits Gino Giglio Generation by ArcusMedia

Incident Date: Sep 15, 2024

Attack Overview
VICTIM
Gino Giglio Generation Spa
INDUSTRY
Business Services
LOCATION
Italy
ATTACKER
Arcus Media
FIRST REPORTED
September 15, 2024

Ransomware Attack on Gino Giglio Generation S.p.A. by ArcusMedia

Gino Giglio Generation S.p.A. (GGG S.p.A.), a leading Italian company specializing in the wholesale distribution of office supplies, has become the latest victim of a ransomware attack by the notorious group ArcusMedia. The attack was publicly disclosed on September 16, 2024, via ArcusMedia's dark web leak site.

Company Profile

Established in 2004 and headquartered in Naples, Italy, Gino Giglio Generation S.p.A. operates primarily in the wholesale market, supplying a wide range of office supplies to retailers and educational institutions. The company boasts an extensive product catalog featuring over 15,000 items, including various types of paper, art supplies, writing instruments, and other stationery essentials. GGG S.p.A. is known for its rapid delivery services and strong customer support, which have contributed to its annual turnover of approximately €11 million.

Attack Overview

The ransomware attack on Gino Giglio Generation S.p.A. was discovered on September 16, 2024. ArcusMedia, a ransomware group that has quickly gained notoriety since its emergence in May 2024, claimed responsibility for the attack. The extent of the data leak remains unknown, but the group has threatened to release sensitive information if their demands are not met.

ArcusMedia: A Rising Threat

ArcusMedia operates under a Ransomware-as-a-Service (RaaS) model, allowing other cybercriminals to utilize their ransomware tools. The group has targeted various sectors, including manufacturing, healthcare, and entertainment. Their attack methods typically involve phishing emails to gain initial access, followed by data exfiltration and system encryption as part of their double extortion strategy. ArcusMedia uses custom-built ransomware binaries that are often obfuscated to evade detection.

Vulnerabilities and Penetration

Gino Giglio Generation S.p.A.'s reliance on digital systems for inventory management, order processing, and customer support may have made it vulnerable to cyberattacks. The company's extensive online presence, including its e-commerce website, could have provided multiple entry points for threat actors. Phishing emails, a common tactic used by ArcusMedia, may have been the initial vector for the attack, allowing the group to infiltrate the company's systems and exfiltrate sensitive data before deploying ransomware.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.