DragonForce Ransomware Group Targets PER4MANCE in Major Cyber Attack

In a recent cyber attack, the ransomware group DragonForce has claimed responsibility for targeting PER4MANCE, a Czech Republic-based IT solutions provider. The attack, which was announced on DragonForce's dark web leak site, resulted in the exfiltration of 87.09GB of data from PER4MANCE's systems.

About PER4MANCE

PER4MANCE is a prominent IT service provider headquartered in the Czech Republic. The company specializes in offering a wide range of IT solutions and services, including software development, IT consultancy, and support for IT system implementation and management. Their portfolio includes products and services from leading technology providers such as Altova, Quest, Broadcom, Cisco, Oracle, and VMware. This positions PER4MANCE as a key player in integrating advanced technology into business operations, focusing on data management, application development, and cloud solutions.

With a strong emphasis on optimizing IT environments to enhance efficiency and performance, PER4MANCE collaborates with major technology vendors to deliver cutting-edge solutions that align with industry standards and best practices. The company’s comprehensive approach to IT services makes it a significant entity in the software sector.

Details of the Attack

The ransomware attack on PER4MANCE was executed by DragonForce, a relatively new but increasingly notorious ransomware group that emerged in late 2023. DragonForce employs a double extortion tactic, where they not only encrypt the victim's data but also exfiltrate sensitive information, threatening to release it publicly if the ransom is not paid. In this case, DragonForce exfiltrated 87.09GB of data from PER4MANCE's systems.

DragonForce's ransomware code is reportedly based on a leaked builder from the infamous LockBit ransomware group, suggesting that they have leveraged existing malware to quickly develop and deploy their own ransomware. This sophisticated approach, combined with their double extortion tactics, makes DragonForce a formidable threat to organizations worldwide.

Vulnerabilities and Penetration

While the specific vulnerabilities exploited in the PER4MANCE attack have not been disclosed, it is likely that DragonForce utilized common attack vectors such as phishing emails, unpatched software vulnerabilities, or weak network security protocols. The company's extensive integration with various technology providers and the complexity of managing multiple IT systems could have presented potential entry points for the attackers.

DragonForce has distinguished itself by not only encrypting data but also exfiltrating and threatening to release it, adding pressure on victims to comply with ransom demands. This tactic, combined with their use of sophisticated malware, underscores the importance of comprehensive cybersecurity measures for organizations operating in the IT sector.

• PER4MANCE
• WatchGuard - DragonForce
• Tripwire - DragonForce Ransomware
• SOCRadar - DragonForce Ransomware
• InfoSecurity Magazine - DragonForce Ransomware