LockBit 3.0 Ransomware Attack on Arcus S.A.

Incident Date: May 07, 2024

Attack Overview

VICTIM

Arcus S.A.

INDUSTRY

Business Services

LOCATION

Poland

ATTACKER

Lockbit

FIRST REPORTED

May 7, 2024

Request Removal

Ransomware Attack on Arcus S.A. by LockBit 3.0

Victim Profile

Arcus S.A. is a leading provider of solutions that streamline the processing of electronic documents in organizations. Based in Warsaw, Poland, the company has been in operation for over 35 years, supporting clients in optimizing document workflows and reducing costs through intelligent printing and document management solutions.

Company Overview

The company offers a wide range of services, including software, solutions, devices, and reference materials. The company stands out in the industry for its comprehensive services that cater to various needs in the software and device sectors.

Size and Industry Standing

Arcus S.A. is a public company listed on the Warsaw Stock Exchange, with a strong presence in the Business Services sector. The company's offerings in software and IT solutions to improve document processing efficiency, intelligent printing devices and services, and reference materials for document management have solidified its position in the industry.

Vulnerabilities and Attack Details

Recently, the company was targeted by the LockBit 3.0 ransomware group, known for its advanced capabilities and evasive tactics. The ransomware encrypts files, modifies filenames, changes desktop wallpaper, and drops a ransom note on the victim's desktop. LockBit 3.0 is heavily obfuscated and protected against analysis, making it challenging for security researchers to study and mitigate.

The ransomware group operates under a Ransomware-as-a-Service (RaaS) model, allowing other cybercriminals to utilize their malware for attacks. LockBit 3.0 has been used to target a wide range of organizations globally, including major companies like Boeing and the US division of the Chinese bank ICBC.

LockBit May Attacks:

This attack on Arcus S.A. is part of the May 2024 attacks by LockBit 3.0, where the cybercriminal group resurfaced following the disruption of its infrastructure in February. Despite law enforcement efforts, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform, showcasing its global reach and adaptability in cybercrime activities.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.