ElDorado Ransomware Strikes Lindostar: Data Breach Threat

Incident Date: Jun 06, 2024

Attack Overview

VICTIM

Lindostar

INDUSTRY

Manufacturing

LOCATION

Italy

ATTACKER

ElDorado

FIRST REPORTED

June 6, 2024

Request Removal

ElDorado Ransomware Attack on Lindostar

Overview of Lindostar

Lindostar S.r.l., based in Zola Predosa, Bologna, is an Italian company specializing in high-quality lighting solutions. Founded in 2007, the company employs between 11-50 people and focuses on the design, production, and distribution of innovative lighting fixtures. Their product range includes chandeliers, pendant lights, wall sconces, floor lamps, and table lamps. Lindostar is known for combining advanced technology with elegant design, emphasizing sustainability and energy efficiency through the use of LED technology.

Details of the Attack

Recently, the ransomware group ElDorado has claimed responsibility for an attack on Lindostar, resulting in the exfiltration of 2.7GB of data. The stolen data has been put up for sale on ElDorado's dark web leak site. The attack has significantly impacted Lindostar, a company that prides itself on innovation and customer satisfaction.

About ElDorado

ElDorado is a ransomware group that emerged in 2024, known for its double-extortion tactics. They encrypt victims' files and exfiltrate sensitive data, threatening to release it publicly if ransom demands are not met. Over the past seven months, ElDorado has claimed 15 victims, showcasing their aggressive and sophisticated approach. Their attacks are marked by meticulous targeting and the use of robust encryption algorithms, making it difficult for victims to recover without paying the ransom.

Penetration Methods

To infiltrate systems, ElDorado employs various tactics, including phishing attacks, exploiting unpatched vulnerabilities, and weaknesses in Remote Desktop Protocol (RDP) configurations. They often use legitimate system administration tools for malicious purposes, blending in with normal operations to avoid detection. The group exfiltrates sensitive data before encryption, adding pressure on victims to comply with ransom demands.

Vulnerabilities and Impact

Given Lindostar's relatively small size and potential lack of cybersecurity defenses, it was a vulnerable target for ElDorado. The attack has not only disrupted their operations but also poses a significant threat to their reputation and customer trust. The exfiltration and potential sale of sensitive data could have long-term consequences for the company and its clients.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.