A&O IT Group Hit by Hunters International Ransomware Attack

Incident Date: Nov 15, 2024

Attack Overview

Victim: A&O IT Group
Industry: Education
Location: United Kingdom
Attacker: Hunters International
First Reported: November 15, 2024

Ransomware Attack on A&O IT Group by Hunters International

A&O IT Group, a leading provider of IT support and services, has fallen victim to a ransomware attack orchestrated by the notorious Hunters International group. This incident highlights the vulnerabilities even well-established IT firms face in the evolving cyber threat landscape.

About A&O IT Group

Established in 1963 and headquartered in Bracknell, United Kingdom, A&O IT Group is a prominent player in the IT services sector. With over 256 employees and an annual revenue of approximately $50.8 million, the company offers a comprehensive range of services, including IT managed services, project services, and cybersecurity solutions. A&O IT Group is recognized for its extensive experience and global reach, operating in more than 130 countries. Its commitment to customer satisfaction and innovation has positioned it as a trusted partner for businesses navigating complex IT environments.

Attack Overview

The ransomware group Hunters International claims to have exfiltrated 620.3 GB of sensitive data from A&O IT Group. The attack involved encrypting the company's data, potentially disrupting its operations and client services. This breach underscores the critical need for effective cybersecurity measures, even for companies specializing in IT and cybersecurity services.

Hunters International: A Formidable Threat

Emerging in October 2023, Hunters International is a Ransomware-as-a-Service (RaaS) group known for its sophisticated attacks. Utilizing code from the defunct Hive ransomware, the group employs double extortion tactics, combining data encryption with data theft. Their malware, developed in Rust, allows for cross-platform targeting, making it highly adaptable and effective against enterprise environments. The group has executed over 130 attacks globally, focusing on industries like healthcare, finance, and manufacturing.

Potential Vulnerabilities

Despite A&O IT Group's expertise in cybersecurity, the attack by Hunters International suggests potential vulnerabilities in the company's defenses. The group likely penetrated the company's systems through phishing campaigns, RDP exploitation, or supply chain attacks. Hunters International's use of sophisticated techniques, such as the SharpRhino Remote Access Trojan, highlights the challenges organizations face in defending against advanced persistent threats.
