Ransomware Attack on Fortify Enterprise Inc. by APT73

Incident Date: May 08, 2024

Attack Overview
Victim: Fortify Enterprise Inc.
Industry: Software
Location: Canada
Attacker: APT73
First reported: May 8, 2024

Victim Profile: Fortify Enterprise Inc.

Fortify Enterprise Inc., a software development company established in 2015, is known for building dependable software solutions customized for businesses. Its emphasis on quality and reliability has earned it a professional reputation in the industry. However, like many digital-centric enterprises, it is exposed to cyber attacks because it relies on online platforms and handles sensitive corporate data. This exposure makes it a potential target for threat actors looking to exploit valuable information.

APT73 attacks Fortify

In this incident, APT73 targeted Fortify Enterprise Inc. with ransomware and exfiltrated sensitive data, including SSH public keys, full login admin credentials, passports, and potentially more information. The leaked data represents a considerable security threat to the company. APT73 operates its website from an IP address located in Prague, Czechia, and utilizes AS9009, an autonomous system associated with various malicious activities and ransomware groups. The group's logo, depicting a venomous snake with spider legs, is adapted with a red color scheme for its data leak site, named "ERALEIGNEWS".

Sources:

APT73 - ERALEIGNEWS: Unveiling New Ransomware Group
