LockBit 3.0 Ransomware Attack on DAGMA Argentina

Incident Date: May 09, 2024

Attack Overview

VICTIM

DAGMA AR

INDUSTRY

Holding Companies & Conglomerates

LOCATION

Argentina

ATTACKER

Lockbit

FIRST REPORTED

May 9, 2024

Request Removal

Ransomware Attack on DAGMA Argentina by LockBit 3.0

Company Profile and Attack Details

DAGMA Argentina, a company based in Argentina, provides IT services with a focus on security solutions and data protection. The company stands out in the industry for its commitment to offering solutions that safeguard sensitive information and enhance data security measures. DAGMA AR is a relatively small company with a team of 7 employees, operating on a smaller scale compared to some competitors in the industry.

The company was recently targeted by a cyberattack deploying LockBit 3.0 ransomware, with the company facing severe consequences. This attack encrypted crucial data, potentially causing significant financial losses, reputational damage, and operational disruptions. The company's vulnerabilities in being targeted by threat actors lie in its specialization in IT services, particularly in security and data protection, making it an attractive target for ransomware attacks

Ransomware Group Distinction

LockBit 3.0 distinguishes itself by being an evolution of the LockBit ransomware group, adopting an affiliate-based ransomware approach and introducing new features and capabilities. The group behind LockBit 3.0 actively recruits affiliates, targets a wide range of businesses and critical infrastructure organizations, and expands its attack volume across various devices and operating systems. The ransomware is heavily obfuscated and protected against analysis, making it challenging for security researchers to study, and it has features like lateral movement through a network and self-trace deletion to cover its tracks.

LockBit May Attacks

This is part of the May 2024 attacks by LockBit 3.0, a cybercriminal group that resurfaced following the disruption of its infrastructure during "Operation Cronos." Despite arrests and dismantling of its data leak site, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. The group's resurgence highlights the necessity for enhanced international cooperation to effectively combat cybercrime and safeguard digital ecosystems against evolving threats.

Sources:

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.