BSH Soft Hit by ElDorado Ransomware Exposing Data Vulnerabilities

Incident Date: Oct 01, 2024

Attack Overview

Victim: BSH Soft
Industry: Business Services
Location: United Arab Emirates
Attacker: ElDorado
First Reported: October 1, 2024

Ransomware Attack on BSH Soft by ElDorado Group

BSH Soft, a prominent provider of Human Capital Management (HCM) solutions and payroll services in the Middle East, has recently fallen victim to a ransomware attack orchestrated by the ElDorado group. This incident has sparked serious concerns regarding the security of sensitive data managed by the company, which caters to over 300 multinational corporations in the region.

Company Profile and Industry Standing

Founded in 1993, BSH Soft has established itself in the HCM sector by delivering proprietary software solutions such as HR-Base and HR-Easy. These tools are crafted to optimize payroll and HR processes, serving a wide-ranging clientele that spans government, military, banking, and distribution sectors. The company's strategic alliance with ADP has further cemented its status as a leader in the global payroll market. Despite its regional focus, BSH Soft's technological advancements and customer-focused approach have made it a significant player in the industry.

Vulnerabilities and Attack Overview

This attack on BSH Soft highlights the vulnerabilities that exist in companies handling large volumes of sensitive data. As a provider of cloud-based solutions, BSH Soft depends on digital infrastructure, which makes it an attractive target for cybercriminals. The ElDorado group, notorious for its sophisticated Ransomware-as-a-Service (RaaS) operations, likely exploited these vulnerabilities to breach BSH Soft's systems. The ransomware is written in Go (Golang) and can target both Windows and Linux systems, potentially easing the infiltration process.

ElDorado Ransomware Group

ElDorado surfaced in early 2024, quickly becoming a formidable force in the cybercrime arena. The group is distinguished by its cross-platform capabilities and advanced encryption methods, employing ChaCha20 for file encryption and RSA-OAEP for key encryption. ElDorado's proficiency in recruiting affiliates and tailoring attack parameters makes it a versatile and perilous adversary. The group's focus on sectors such as real estate, healthcare, and education underscores its strategic targeting of industries with critical data.
