Carver Companies Hit by DragonForce Ransomware, 47.98GB Data Stolen
DragonForce Ransomware Group Targets Carver Companies in Major Cyber Attack
Carver Companies, a multifaceted organization with over 30 years of experience in the maritime, aggregates, and construction sectors, has become the latest victim of a ransomware attack by the notorious DragonForce group. The breach, discovered on August 19, resulted in the exfiltration of 47.98GB of sensitive data.
About Carver Companies
Headquartered in Coeymans, New York, Carver Companies operates across the East Coast of the United States and Canada. The company offers a comprehensive range of services, including logistics, port operations, tug-and-barge transport, and high-quality material supply for construction projects. Carver Companies is known for its commitment to excellence, honesty, and integrity, and has positioned itself as a key player in managing logistics for significant clients like Heidelberg Materials.
With multiple divisions and locations, Carver Companies boasts impressive assets, including multiple tugboats, over 50 barges, and the capability to serve 3,000 miles of coastline. The company also owns a 40-acre industrial port complex and over 300,000 square feet of indoor warehouse space. Their diverse portfolio includes marine terminals, construction services, sand and gravel mining, stevedoring, warehousing, and logistics services.
Details of the Attack
The ransomware attack on Carver Companies was orchestrated by DragonForce, a group that emerged in late 2023. Known for their double extortion tactics, DragonForce encrypts victims' data and exfiltrates sensitive information, threatening to release it publicly if the ransom is not paid. In this case, the group exfiltrated 47.98GB of data from Carver Companies, which they have threatened to release on their "DragonLeaks" dark web site.
About DragonForce
DragonForce is a relatively new but highly active ransomware group. They have claimed a series of high-profile attacks across various industries in the US, UK, Australia, Singapore, and other countries. Their ransomware code is based on a leaked builder from the infamous LockBit ransomware group, suggesting that DragonForce has leveraged this code to quickly develop and deploy their own ransomware. The group has also taken unusual steps, such as publishing audio recordings of negotiations with victims on their leak site.
Potential Vulnerabilities
Carver Companies' extensive operations and significant digital footprint make them a lucrative target for ransomware groups like DragonForce. The company's reliance on integrated solutions and rapid response capabilities may have inadvertently exposed vulnerabilities in their cybersecurity infrastructure. The attack underscores the importance of comprehensive cybersecurity measures, especially for organizations with diverse and expansive operations.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!