LockBit Ransomware Hits Patel Brass Works: Full Analysis
On August 5, 2024, Patel Brass Works Pvt. Ltd. (PBW), a renowned manufacturer of engineering components, discovered that it had fallen victim to a ransomware attack orchestrated by the LockBit group. The attack targeted the company's website, pbw-india.com, raising significant concerns about the potential impact on the company's operations and data security.
About Patel Brass Works
Established in 1948, Patel Brass Works Pvt. Ltd. (PBW) is a prominent manufacturer specializing in brass and bronze products. Founded by the late Shri R. C. Patel, the company has evolved from a small foundry in Rajkot, India, to a significant player in the engineering components sector. PBW is ISO 9001:2015 certified and offers a diverse array of products, including single metal and solid bronze bushes, washers, and various spare parts for the railway and marine sectors. The company serves both domestic and international markets, with a significant presence in North America, Latin America, Europe, the Middle East, and the Far East.
Attack Overview
The ransomware attack on PBW was claimed by the LockBit group via their dark web leak site. The exact size of the data leak remains unknown. The attack targeted the company's website, pbw-india.com, and potentially compromised sensitive data.
About LockBit Ransomware Group
LockBit is a highly sophisticated ransomware-as-a-service (RaaS) group that has been active since September 2019. Its ransomware is modular and keeps its payload encrypted until execution to hinder malware analysis and detection. The group employs "double extortion" tactics, exfiltrating sensitive data and threatening to release it publicly if the ransom is not paid. LockBit uses a combination of RSA-2048 and AES-256 encryption algorithms and typically demands payment in Bitcoin. The group is known for exploiting vulnerabilities in Remote Desktop Protocol (RDP) services and unsecured network shares to spread quickly across a network.
Potential Vulnerabilities
PBW's extensive use of advanced machining infrastructure and its significant online presence may have made it a target for threat actors like LockBit. The company's reliance on digital systems for manufacturing and quality assurance processes could have provided multiple entry points for the ransomware. Additionally, the company's international operations and supply chain complexities might have exposed it to various cybersecurity risks.