LockBit3 Ransomware Strikes Cafe Novell SA

Incident Date: May 27, 2024

Attack Overview

VICTIM

Cafe Novell SA

INDUSTRY

Consumer Services

LOCATION

Spain

ATTACKER

Lockbit

FIRST REPORTED

May 27, 2024

Request Removal

LockBit3 Ransomware Attack on Cafe Novell SA

Company Overview

Cafe Novell SA, a Spanish company founded in 1958, specializes in producing high-quality coffee products. They offer a variety of coffee blends, coffee machines, and accessories for both home and commercial use. The company is known for its commitment to sustainability and ethical sourcing practices, ensuring responsible and environmentally-friendly coffee production.

Company Size and Revenue

Cafe Novell employs more than 50 employees and generates an annual turnover of between 10 and 50 million euros.

Company Standout

Renowned for its dedication to sustainability, quality, and customer satisfaction, Cafe Novell has received certifications such as ISO 9001 for its production center and commercial offices. They collaborate with organizations like UTZ Certified and Fair Trade to promote responsible coffee farming and consumption.

Victim Vulnerabilities

As a key player in the coffee industry with a notable online presence, Cafe Novell SA may have been targeted by threat actors like the LockBit3 ransomware group due to the valuable customer data they possess. Their reliance on digital systems for operations and customer interactions could have made them susceptible to cyber attacks.

Attack Overview

The LockBit3 ransomware group targeted cafesnovell.com, resulting in the leakage of sample data. This attack likely involved encrypting files, modifying filenames, changing desktop wallpapers, and dropping ransom notes on the victim's desktop.

Ransomware Group Profile

The LockBit3 ransomware group, also known as LockBit Black, is an advanced Ransomware-as-a-Service (RaaS) group that has evolved from previous LockBit variants. It is considered one of the most dangerous and disruptive ransomware threats currently active, with features that make it difficult to analyze and defend against.

How the Ransomware Group Operates

Operating under a RaaS model, LockBit3 allows other cybercriminals to use their malware for attacks. The group has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations globally. Known for its advanced infection capacities, customization options, and evasive tactics, LockBit3 is challenging to detect and mitigate.

References

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.