Espack Euro Logistics Hit by Cactus Ransomware Attack

Incident Date: Jun 02, 2024

Attack Overview

Victim: ESPACK EUROLOGISTICA, S.L.
Industry: Transportation
Location: Spain
Attacker: Cactus
First Reported: June 2, 2024

Ransomware Attack on Espack Euro Logistics

Company Overview

Espack Euro Logistics, operating under the name ESPACK EUROLOGISTICA, S.L., is a logistics and supply chain company headquartered in Madrid, Spain. The company specializes in packaging activities and administrative support services, catering to businesses in need of transportation and logistics solutions. With an annual turnover of approximately $17.3 million and a workforce of between 50 and 249 employees, Espack Euro Logistics is a significant player in the industry.

Company Profile

Recognized for its active presence and commitment to providing efficient logistics services, ESPACK EUROLOGISTICA, S.L. has been operational since its incorporation in July 2004. The company operates under European Union Law and maintains an overseas status with an address in Valencia, Spain, ensuring robust logistics support to its clients.

Company Vulnerabilities

Operating in the transportation sector, Espack Euro Logistics is exposed to various cyber threats, including ransomware attacks. Cybercriminals, such as the Cactus ransomware group, target organizations across different industries, exploiting vulnerabilities like ZeroLogon to gain unauthorized access and deploy ransomware. The sensitive nature of logistical data makes companies like Espack Euro Logistics prime targets for such attacks.

Ransomware Attack Overview

The Cactus ransomware group recently executed an attack on Espack Euro Logistics' website, compromising sensitive data related to the company's operations. The breach resulted in the exposure of corporate details, financial data, employee and executive information, and database exports. This incident poses significant risks to the company's operational integrity and reputation.

Ransomware Group Profile

The Cactus ransomware group, known for its ransomware-as-a-service (RaaS) model, employs sophisticated techniques to bypass security measures and encrypt files. Leveraging malvertising lures and exploiting vulnerabilities such as ZeroLogon, the group uses distinctive encryption methods to conduct targeted attacks on various organizations, enhancing their efficacy and impact.

Penetration of Company Systems

The Cactus ransomware group likely infiltrated Espack Euro Logistics' systems through methods such as exploiting Remote Desktop Protocol (RDP), scheduled tasks, and Windows Management Instrumentation Command-line (WMIC). By creating multiple accounts and escalating privileges, the attackers could navigate laterally within the company's network, avoiding detection and ensuring persistent access.
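
The behaviours named above map to standard Windows Security log events: 4624 with logon type 10 (RDP logon), 4720 (account created), 4728/4732 (member added to a group), 4698 (scheduled task created) and 4688 (process creation, here WMIC.exe). The Python below is an added example, not part of the original report, that flags hosts where several of these occur together in a short window; the sample events, host names, account names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events, shaped like Windows Security log records exported to dicts.
EVENTS = [
    {"ts": "2024-06-01T02:10:00", "host": "FS01", "id": 4624, "logon_type": 10},
    {"ts": "2024-06-01T02:14:00", "host": "FS01", "id": 4720, "target": "adm1"},
    {"ts": "2024-06-01T02:15:00", "host": "FS01", "id": 4720, "target": "adm2"},
    {"ts": "2024-06-01T02:16:00", "host": "FS01", "id": 4732, "target": "adm1"},
    {"ts": "2024-06-01T02:20:00", "host": "FS01", "id": 4698, "task": "\\Updater"},
    {"ts": "2024-06-01T02:22:00", "host": "FS01", "id": 4688,
     "image": "C:\\Windows\\System32\\wbem\\WMIC.exe"},
    {"ts": "2024-06-01T09:00:00", "host": "WS07", "id": 4624, "logon_type": 10},
    {"ts": "2024-06-01T09:30:00", "host": "WS07", "id": 4720, "target": "newhire"},
]

def classify(ev):
    """Map one event to a behaviour label from the paragraph above, or None."""
    eid = ev["id"]
    if eid == 4624 and ev.get("logon_type") == 10:
        return "rdp_logon"
    if eid == 4720:
        return "account_created"
    if eid in (4728, 4732):
        return "group_member_added"
    if eid == 4698:
        return "scheduled_task_created"
    if eid == 4688 and ev.get("image", "").lower().endswith("\\wmic.exe"):
        return "wmic_exec"
    return None

def flag_hosts(events, window=timedelta(hours=1), min_accounts=2, min_kinds=3):
    """Flag hosts with >= min_accounts account creations and >= min_kinds
    distinct behaviours inside one time window (thresholds are assumptions)."""
    per_host = defaultdict(list)
    for ev in events:
        label = classify(ev)
        if label:
            per_host[ev["host"]].append((datetime.fromisoformat(ev["ts"]), label))
    flagged = {}
    for host, seen in per_host.items():
        seen.sort()
        for i, (start, _) in enumerate(seen):
            labels = [l for t, l in seen[i:] if t - start <= window]
            if labels.count("account_created") >= min_accounts and len(set(labels)) >= min_kinds:
                flagged[host] = sorted(set(labels))
                break
    return flagged
```

A single RDP logon followed by one account creation (host WS07 in the sample) stays below the thresholds, which keeps routine administration from alerting.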
