Ransomware Hits Milano Promotional Services by 3AM Group
Ransomware Attack on Milano Promotional Services by 3AM Group
Milano Promotional Services (MPS), a family-owned business specializing in promotional services, has recently been targeted by the 3AM ransomware group. This attack has brought to light the vulnerabilities faced by small to medium-sized enterprises in the business services sector.
About Milano Promotional Services
Established in 2005, MPS operates from Riverton, New Jersey, and employs a small team of 2 to 10 individuals. The company focuses on enhancing the operational capabilities of small and medium-sized businesses through innovative promotional solutions. MPS is renowned for its expertise in coupon redemption, rebate processing, and fulfillment services. Their use of modern technology, such as QR code rebates and GS1 barcode generation, sets them apart in the industry. However, their reliance on digital processes may have made them susceptible to cyber threats.
Details of the Attack
The 3AM ransomware group infiltrated MPS's systems, encrypting critical data and demanding a ransom for its release. The attack disrupted MPS's operations, affecting their ability to provide seamless coupon processing and rebate fulfillment services. The attackers likely exploited vulnerabilities in MPS's digital infrastructure, which may have been inadequately protected against sophisticated cyber threats.
Profile of the 3AM Ransomware Group
3AM is a relatively new ransomware strain, known for its sophisticated methods and connections to other cybercriminal organizations. Written in Rust, the ransomware encrypts files and appends the extension `.threeamtime`. It is often used as a fallback option when other ransomware deployments, such as LockBit, fail. The group is linked to well-known ransomware entities like Conti and Royal, indicating a shared infrastructure and tactics. This adaptability and collaboration make 3AM a formidable threat in the cybersecurity landscape.
Potential Penetration Methods
The 3AM group may have penetrated MPS's systems through vulnerabilities in their digital processes or inadequate security measures. The ransomware is known to disrupt security and backup services, maximizing damage and hindering recovery efforts. MPS's reliance on digital solutions for coupon and rebate processing could have provided an entry point for the attackers.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!