Carri Systems Hit by AlphaLocker Ransomware in Major Data Breach
AlphaLocker Ransomware Group Targets Carri Systems in Devastating Cyberattack
Carri Systems, a prominent French company specializing in high-performance computing solutions, has recently fallen victim to a ransomware attack orchestrated by the cybercriminal group known as AlphaLocker. The attack has resulted in the exfiltration of critical data, including customer information, financial records, and employee details, putting the company in a precarious position as it navigates the aftermath of this breach.
About Carri Systems
Founded in 1992, Carri Systems is headquartered in Noisy le Sec, France. The company is recognized for its expertise in designing and manufacturing tailored workstations and servers, catering to a diverse clientele that includes over 6,000 organizations across various sectors such as academia, research, and industry. Carri Systems has distinguished itself through its innovative offerings in artificial intelligence and virtual reality solutions. The company employs approximately 12 individuals and reported an annual revenue of around $5 million, reflecting its stable position within the high-performance computing market.
Attack Overview
The ransomware attack on Carri Systems was claimed by the AlphaLocker group via their dark web leak site. The attackers successfully infiltrated the company's servers, exfiltrating sensitive data such as financial service records, marketing strategies, and production details. The stolen data has been listed on a secret link provided by the attackers, who have threatened to release this information unless their demands are met. Carri Systems is currently assessing the full extent of the damage and working on a response strategy to mitigate the impact of this cyberattack.
About AlphaLocker
AlphaLocker is a relatively new ransomware variant that emerged in mid-2023. It operates as a ransomware-as-a-service (RaaS) model, selling its malware to cybercriminals for a low cost. The ransomware primarily spreads through phishing emails containing infected attachments. Once executed, AlphaLocker encrypts files on the victim's computer using an asymmetric encryption algorithm. The group operates a dedicated data leak site on the dark web called "MYDATA," where they list their victims and the stolen data.
Penetration and Vulnerabilities
AlphaLocker likely penetrated Carri Systems' defenses through phishing emails containing infected attachments. The ransomware group utilizes various tools to evade detection during the infection process. Carri Systems, despite its technological advancements, may have been vulnerable due to potential gaps in email security and employee awareness training. The company's small size and specialized focus might have also contributed to its susceptibility to such targeted attacks.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!