Ransomware Hits Lácteos Lorán by Sarcoma Group

Incident Date: Oct 09, 2024

Attack Overview
VICTIM
Lácteos Lorán
INDUSTRY
Manufacturing
LOCATION
Spain
ATTACKER
Sarcoma
FIRST REPORTED
October 9, 2024

Ransomware Attack on Lácteos Lorán by Sarcoma Group

Lácteos Lorán, a prominent cheese manufacturer based in Gontán, Abadín, Lugo, has recently become a victim of a ransomware attack by the emerging cybercriminal group known as "Sarcoma." This incident highlights the increasing threat posed by ransomware groups targeting diverse industries worldwide.

Company Profile: Lácteos Lorán

Founded in 1973, Lácteos Lorán is a well-established company specializing in cheese production. The company processes approximately 45,000 liters of milk daily, showcasing significant growth from its humble beginnings. Known for its diverse range of cheese products, including Queso Lorán and San Simón, the company has carved a niche in the dairy industry by blending traditional cheese-making techniques with modern innovations. Lácteos Lorán employs between 20 to 49 people and generates an estimated revenue of 1 to 5 million euros annually. Their commitment to quality and safety, along with strong relationships with local milk suppliers, has been a cornerstone of their operations.

Attack Overview

The ransomware attack on Lácteos Lorán was orchestrated by Sarcoma, a newly identified group that has quickly gained notoriety for its aggressive tactics. The group has listed Lácteos Lorán among over 30 victims on its dark web portal, indicating a broadening scope of operations. The attack underscores the vulnerabilities faced by small to medium-sized enterprises in the manufacturing sector, which may lack the cybersecurity infrastructure needed to fend off sophisticated cyber threats.

Sarcoma Ransomware Group

Sarcoma has distinguished itself in the cyber threat landscape through its aggressive data exfiltration and double extortion strategies. The group not only encrypts files but also threatens to leak sensitive information publicly if ransom demands are not met. Sarcoma's operations have primarily targeted industries in the USA, Canada, Australia, and Spain, with a notable presence on the darknet where it lists its victims. The group's emergence in October 2024 has been marked by a series of high-profile attacks, emphasizing the need for heightened vigilance among potential targets.

Potential Vulnerabilities

Lácteos Lorán's vulnerabilities may stem from its size and the nature of its operations. As a small to medium-sized enterprise, the company might not have the extensive cybersecurity resources that larger corporations possess. Additionally, the integration of traditional practices with modern business operations could present security gaps that sophisticated threat actors like Sarcoma can exploit.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.