Kandelaar Elektrotechniek Faces Eldorado Ransomware Threat

Incident Date: Dec 14, 2024

Attack Overview
VICTIM: Kandelaar Elektrotechniek
INDUSTRY: Construction
LOCATION: Netherlands
ATTACKER: Eldorado
FIRST REPORTED: December 14, 2024

Ransomware Attack on Kandelaar Elektrotechniek: A Detailed Analysis

The Dutch company Kandelaar Elektrotechniek, renowned for its expertise in electrical engineering, automation, and sustainable technology, has recently fallen victim to a ransomware attack claimed by the Eldorado group. This incident underscores the vulnerabilities faced by small and medium-sized enterprises in the construction sector.

Company Profile and Industry Standing

Kandelaar Elektrotechniek, headquartered in De Kwakel, Netherlands, has over 50 years of experience in providing high-quality electrical systems. The company serves a diverse clientele, primarily focusing on industrial and horticultural businesses. With a team of 15 specialists, Kandelaar is known for its commitment to sustainability and customer satisfaction, offering services that range from luxury residential construction to complex industrial environments. Its reputation as a reliable partner in the Aalsmeer region is well-established, making this attack particularly concerning for its stakeholders.

Attack Overview

The ransomware attack has significantly disrupted Kandelaar's operations, encrypting critical data and halting ongoing projects. The cybercriminals have demanded a substantial ransom for the release of the encrypted data. While the company has not disclosed its decision regarding the ransom payment, it is actively collaborating with cybersecurity experts to assess the damage and restore its systems. This incident highlights the growing threat of ransomware to companies that may lack the resources to defend against sophisticated cyber threats.

Eldorado Ransomware Group

The Eldorado group, recently rebranded as Black Lock, is a ransomware-as-a-service (RaaS) operation known for its sophisticated malware targeting both Linux and Windows systems. The group has gained notoriety for its focus on VMware ESXi servers and its ability to exploit unpatched vulnerabilities. Eldorado's use of the Go programming language and advanced encryption algorithms like ChaCha20 and RSA-OAEP distinguishes it in the cybercriminal landscape. The group's operations are characterized by a strategic approach to targeting sectors such as real estate, education, and manufacturing.
