BNBuilders Hit by Ransomware Attack from Hunters International

Incident Date: Oct 05, 2024

Attack Overview

VICTIM

BNBuilders

INDUSTRY

Construction

LOCATION

USA

ATTACKER

Hunters International

FIRST REPORTED

October 5, 2024

Request Removal

Ransomware Attack on BNBuilders: A Closer Look at the Hunters Group Breach

BNBuilders, a prominent general contracting firm headquartered in Seattle, Washington, has recently fallen victim to a ransomware attack by the notorious group known as Hunters International. The attack, disclosed on October 5, has raised significant concerns about cybersecurity vulnerabilities within the construction sector.

BNBuilders: A Leader in Construction

Founded in 2000, BNBuilders operates as a 100% employee-owned company, specializing in complex construction projects across sectors such as life sciences, healthcare, and technology. With a workforce of over 1,000 employees and annual revenues of approximately $1.3 billion, the company is recognized for its innovative project management techniques and commitment to sustainability. Their use of advanced methodologies like Virtual Design and Construction (VDC) and Lean construction practices sets them apart in the industry.

Details of the Attack

The ransomware group Hunters International claims to have exfiltrated 936.7 GB of sensitive data from BNBuilders, leaving it unencrypted and exposed. This breach threatens the company's operational integrity and client confidentiality, highlighting the construction industry's vulnerability to cyber threats.

Hunters International: A Sophisticated Threat

Emerging in late 2023, Hunters International operates as a Ransomware-as-a-Service (RaaS) provider, known for its sophisticated data leak strategies. The group prioritizes data exfiltration over encryption, leveraging stolen information to pressure victims into paying ransoms. Their ransomware, written in Rust, employs AES and RSA encryption techniques, making it a formidable threat. The group's operations span globally, complicating law enforcement efforts to curb their activities.

Potential Vulnerabilities and Penetration Tactics

Hunters International likely exploited vulnerabilities in BNBuilders' public-facing applications or employed phishing and social engineering tactics to gain access. The construction sector's reliance on digital tools and data management systems makes it an attractive target for cybercriminals. The attack on BNBuilders serves as a stark reminder of the need for enhanced cybersecurity measures in industries handling sensitive data.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.