Ransomware Attack on Eaton Metal Products Company by Black Basta

Eaton Metal Products Company, a prominent engineering fabricator in the Rocky Mountain region, has been targeted by a ransomware attack executed by the infamous Black Basta group. This breach, publicized on Black Basta's dark web leak site, jeopardizes around 650GB of sensitive data, encompassing accounting records, payroll details, and confidential documents.

About Eaton Metal Products Company

Established in 1880, Eaton Metal Products Company excels in fabricating large-scale metal structures, including pressure vessels, storage tanks, and silos. Operating facilities in Denver, Salt Lake City, and Pocatello, the company caters to various industries such as oil and gas, power generation, and mining. Renowned for its cutting-edge machinery and engineering services, Eaton Metal Products is distinguished by its capability to manage intricate projects and adhere to rigorous customer specifications.

Black Basta Ransomware Group

Since its emergence in April 2022, Black Basta has operated as a Ransomware-as-a-Service (RaaS) provider, notorious for its double extortion strategies. The group focuses on high-value sectors, such as manufacturing, by encrypting files and exfiltrating data to coerce victims into paying ransoms. Black Basta's sophisticated operations involve spear-phishing and exploiting vulnerabilities like CVE-2024-1709 to gain initial network access.

Penetration and Impact

The attack on Eaton Metal Products by Black Basta likely involved spear-phishing campaigns and exploiting known vulnerabilities to penetrate the company's systems. The potential exposure of sensitive data presents significant financial and reputational risks to Eaton Metal Products.

Sources:

• Halcyon AI - Black Basta Leverages Microsoft Teams to Infiltrate Networks
• Halcyon AI - Black Basta Ransomware Gang Exploits Microsoft Windows Zero-Day
• Eaton Metal Products - About Us
• Eaton Metal Products - Facilities
• CISA - Cybersecurity Advisories