Dorner Law Targeted by Hunters International Ransomware
Ransomware Attack on Dorner Law & Title Services by Hunters International
Dorner Law & Title Services, a well-established legal firm based in Acton, Massachusetts, has recently fallen victim to a ransomware attack orchestrated by the notorious Hunters International group. Specializing in real estate law, the firm has been a trusted partner for clients across Massachusetts, New Hampshire, and Maine since its inception in 1992. The firm is led by Hillery Dorner and is known for its personalized approach to handling real estate transactions, title clearing, and legal support for small business formations.
Attack Overview
The breach was discovered on November 19, involving the exfiltration of approximately 655.1GB of sensitive data. Interestingly, the attackers chose not to encrypt the data, a strategic decision likely aimed at accessing sensitive information without disrupting the firm's operations. This approach suggests a focus on data theft rather than operational disruption, a tactic that aligns with Hunters International's modus operandi of double extortion.
About Dorner Law & Title Services
Dorner Law & Title Services is a small private company with a team of experienced attorneys and paralegals. The firm is renowned for its expertise in real estate transactions, including residential and commercial properties, and its commitment to client education. This dedication to client satisfaction has made it a reliable choice for individuals navigating complex property transactions. However, the firm's extensive handling of sensitive client data makes it a lucrative target for ransomware groups seeking to exploit vulnerabilities in data protection.
Hunters International: A Distinctive Threat
Emerging in October 2023, Hunters International is a Ransomware-as-a-Service group that has quickly gained notoriety for its sophisticated attacks. Utilizing code from the defunct Hive ransomware, the group employs double extortion tactics, combining data encryption with data theft. Their malware, developed in Rust, allows for cross-platform targeting, making it highly adaptable and effective against enterprise environments. The group's ability to bypass advanced security measures, as demonstrated in previous attacks, underscores their technical prowess and the threat they pose to organizations like Dorner Law.
Potential Vulnerabilities
The attack on Dorner Law & Title Services highlights potential vulnerabilities in the firm's cybersecurity infrastructure. Given the firm's reliance on sensitive client data, data protection measures are crucial. The attack may have exploited weaknesses in network defenses or employee awareness, common entry points for ransomware groups. The incident serves as a stark reminder of the importance of comprehensive cybersecurity strategies in safeguarding sensitive information.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!