Forrec S.P.A. Hit by BlackSuit Ransomware, Data Compromised
Forrec S.P.A. Targeted by BlackSuit Ransomware Group
Forrec S.P.A., an Italian company specializing in the design and manufacture of advanced machinery for waste treatment and recycling, has fallen victim to a ransomware attack by the BlackSuit group. The attackers have claimed responsibility for the breach on their dark web leak site, asserting that they have released the company's data.
About Forrec S.P.A.
Established in 2007, Forrec S.P.A. has rapidly grown to become a significant player in the waste management sector. The company is headquartered in Santa Giustina in Colle, Italy, and employs over 90 individuals at its main facility, with an additional 50 employees at its Serbian branch. Forrec's operations span four main segments: research, design, construction of shredders and grinders, and the provision of tailored technological solutions for various types of solid waste. Their innovative approach and commitment to quality have earned them a strong international presence, with sales offices and partnerships across Brazil, North America, and several European nations.
Attack Overview
The BlackSuit ransomware group has claimed responsibility for the attack on Forrec S.P.A., stating that they have exfiltrated and released sensitive company data. The attack was publicized on the group's dark web leak site, a common tactic used by ransomware operators to pressure victims into paying the ransom. The exact details of the data compromised and the ransom demanded have not been disclosed.
About BlackSuit Ransomware Group
BlackSuit is a new ransomware family that emerged in 2023, closely related to the notorious Royal ransomware group. The ransomware targets both Windows and Linux systems, including VMware ESXi servers. It appends the .blacksuit extension to encrypted files and drops a ransom note named README.BlackSuit.txt in each affected directory. The note includes a reference to a Tor chat site for victims to contact the operators. Researchers have found significant similarities between BlackSuit and Royal ransomware, suggesting that BlackSuit may be a new variant developed by the same authors or an affiliate of the Royal ransomware gang.
Potential Vulnerabilities
Forrec S.P.A.'s extensive international operations and reliance on advanced technological solutions for waste management may have made them an attractive target for ransomware groups like BlackSuit. The company's significant digital footprint and the critical nature of its services could have provided multiple entry points for the attackers. Additionally, the interconnected nature of their operations across various countries might have exposed them to vulnerabilities in their cybersecurity defenses.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!