LockBit Ransomware Strikes Mexican Firm Oleopalma

Incident Date: Sep 23, 2024

Attack Overview

VICTIM

Oleopalma

INDUSTRY

Agriculture

LOCATION

Mexico

ATTACKER

Lockbit

FIRST REPORTED

September 23, 2024

Request Removal

LockBit 3.0 Ransomware Attack on Oleopalma: A Detailed Analysis

Oleopalma, a prominent Mexican company in the agriculture sector, has recently been targeted by the notorious ransomware group LockBit 3.0. This attack highlights the vulnerabilities faced by companies in the agricultural industry, particularly those with significant digital footprints and data assets.

About Oleopalma

Established in 1999, Oleopalma is a fully Mexican company specializing in the cultivation, production, processing, and commercialization of palm oil and its derivatives. The company operates under the OLEOMEX GROUP and is known for its commitment to sustainability and environmental protection. With a workforce of between 1,001 and 5,000 employees, Oleopalma is a significant player in the Mexican palm oil sector. Their operations are guided by principles of profitability, social responsibility, and environmental sustainability, making them a standout in their industry.

Attack Overview

The LockBit 3.0 group has claimed responsibility for the ransomware attack on Oleopalma, asserting that they have exfiltrated 200 GB of sensitive data. The attackers have set a ransom payment deadline for October 14, 2023, threatening to publish the stolen data if their demands are not met. This attack underscores the growing threat of ransomware to companies with substantial data assets and highlights the need for effective cybersecurity measures.

About LockBit 3.0

LockBit 3.0 is a sophisticated ransomware-as-a-service (RaaS) group known for its modular ransomware that employs RSA-2048 and AES-256 encryption algorithms. The group is notorious for its "double extortion" tactics, where they exfiltrate sensitive data and threaten to release it publicly if the ransom is not paid. LockBit 3.0 has been active since September 2019 and has become one of the most active ransomware groups globally.

Potential Vulnerabilities

Oleopalma's extensive digital operations and data assets make it a lucrative target for ransomware groups like LockBit 3.0. The attack could have been facilitated by exploiting vulnerabilities in Remote Desktop Protocol (RDP) services or unsecured network shares, common entry points for ransomware attacks. The incident highlights the importance of maintaining up-to-date security measures and employee awareness to mitigate such threats.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.