Abyss Ransomware Group Targets Malca-Amit, Threatens Data Leak

Incident Date: Jun 18, 2024

Attack Overview

Victim: Malca-Amit
Industry: Transportation
Location: Italy
Attacker: Abyss
First Reported: June 18, 2024

Ransomware Attack on Malca-Amit by Abyss Group

Company Profile: Malca-Amit

Malca-Amit Global Limited, established in 1963 and headquartered in Hong Kong, is a pivotal player in the global logistics sector, specializing in the secure transportation and storage of high-value assets such as precious metals, diamonds, and fine art. With an annual revenue of $104.4 million and a workforce of approximately 256 employees, the company excels in providing innovative security solutions and exceptional customer service. Malca-Amit operates highly secured facilities worldwide, offering services that include secure door-to-door delivery and specialized insurance coverage, making it a trusted partner for luxury goods industries and high-net-worth individuals.

Details of the Ransomware Attack

The Abyss Ransomware group, known for its aggressive multi-extortion tactics, has recently targeted Malca-Amit, claiming to have exfiltrated 30 GB of sensitive organizational data. The group has threatened to release the decryption key publicly on June 19, 2024, potentially leading to significant breaches of client confidentiality and financial losses for the company.

About Abyss Ransomware Group

Abyss, emerging in March 2023, primarily targets VMware ESXi environments and is notorious for its TOR-based operations where it lists victims and stolen data. The group's modus operandi includes exploiting weak SSH configurations and leveraging the Babuk codebase for Linux systems. Their recent activities have shown a rapid expansion across various sectors, marking them as a formidable threat in the cybersecurity landscape.

Potential Vulnerabilities and Entry Points

Given Malca-Amit’s extensive use of advanced technological solutions for asset tracking and security, it is plausible that Abyss may have exploited vulnerabilities in these systems, particularly through SSH brute force attacks. The high-value nature of Malca-Amit's shipments and the data sensitivity of their operations likely made them an attractive target for Abyss, aiming to leverage stolen data for ransom.
