Attack Overview
VICTIM
EliTech
INDUSTRY
Healthcare Services
LOCATION
United Kingdom
ATTACKER
Snatch
FIRST REPORTED
June 5, 2023

Eisai Co Hit with Ransomware Attack

Eisai Co has been hit with a ransomware attack. Eisai is a pharmaceutical company headquartered in Tokyo, Japan. It has The Snatch ransomware gang has allegedly attacked EliTech. The pharmaceutical giant confirmed on June 6th that several of its group servers were hit with a ransomware attack. To the company's knowledge, no confidential material was leaked. The company cut off links with part of its domestic and overseas internal systems to limit the impact of the attack. Eisai is reportedly working with experts and police to restore their systems but has not confirmed whether the hackers have demanded a ransom.

Eli Tech and Potential Supply Chain Risks

Eli Tech, a molecular diagnostics company, has laboratories in more than 100 countries and employs over 650 people. The company specializes in in-vitro diagnostics and sells instruments and software to partners around the world, suggesting there may be a risk of future supply chain attacks. EliTech specializes in specific IVD technologies within these market segments: Molecular Diagnostics (MDx), Clinical Chemistry (CC) and Biomedical Systems (EBS), and Microbiology (EM).

Snatch Ransomware Gang's Tactics

While Snatch hasn't confirmed how much data it claims to have stolen, the ransomware gang has posted EliTech's details on its dark web leak site. EliTech has neither confirmed nor denied the attack. The Snatch ransomware gang, which first appeared in 2018, uses sophisticated AES encryption to prevent victims from accessing their information. The hackers use Windows registry keys to boot in safe mode. Snatch typically targets high-profile organizations and forces target systems to reboot in safe mode to disable antivirus software. Snatch typically demands between 1 and 5 bitcoins as ransom, and researchers have not yet found a way to decrypt stolen information. The ransomware gang initially targeted regular users with spam emails, but since 2019 has targeted entire organizations.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

1
2
3
Let's get started
1
1
2
3
1
1
2
2
3
Back
Next
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.