Durham Manufacturing Hit by 305.9 GB Ransomware Attack
Ransomware Attack on Durham Manufacturing by Hunters International
Durham Manufacturing, a well-established manufacturer specializing in industrial storage solutions, has fallen victim to a ransomware attack orchestrated by the Hunters International group. The attack, which has compromised 305.9 GB of sensitive data, poses significant risks to the company's operations and data security.
About Durham Manufacturing
Founded in 1922 and based in Durham, Connecticut, Durham Manufacturing Company is renowned for its durable and functional industrial storage solutions. The company serves various sectors, including manufacturing, warehousing, and distribution, with a product portfolio that includes industrial cabinets, shelving units, workbenches, and tool storage systems. Durham Manufacturing is recognized for its high standards of quality and innovation, maintaining a strong reputation in the industry.
With a workforce of approximately 11 to 50 employees, the company combines expertise with personalized service, catering to a diverse clientele from small businesses to large corporations. Their distribution network enables global shipping, ensuring timely delivery of products worldwide.
Attack Overview
The ransomware group Hunters International has claimed responsibility for the attack on Durham Manufacturing. The group alleges that they have infiltrated the company's systems and exfiltrated 305.9 GB of sensitive data. This breach could severely impact Durham Manufacturing's business continuity and customer trust, given the potential exposure of confidential information.
About Hunters International
Hunters International is a Ransomware-as-a-Service (RaaS) group that emerged in Q3 of 2023, following the disruption of the notorious Hive ransomware group. The group exhibits significant technical overlap with Hive, suggesting an evolution or offshoot of the dismantled operation. Their ransomware code contains approximately 60% overlap with Hive ransomware version 61, indicating a shared technical lineage.
Hunters International focuses on exfiltrating target data and extorting victims with ransom demands in exchange for the return of the stolen data. The group has targeted victims across various regions, including the US, UK, Germany, and Namibia, without a specific focus on particular industries. Investigations have revealed potential ties to Nigeria, although the group uses fake identities to conceal their true origins.
Penetration and Vulnerabilities
While specific details of how Hunters International penetrated Durham Manufacturing's systems are not disclosed, common vulnerabilities in manufacturing companies include outdated software, insufficient cybersecurity measures, and lack of employee training on phishing attacks. Given the technical sophistication of Hunters International, it is likely that they exploited such vulnerabilities to gain access to Durham Manufacturing's sensitive data.
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!