Ransomware Attack on Luigi Convertini by CiphBit Group

Luigi Convertini, a prominent fashion brand specializing in men's apparel, has recently fallen victim to a ransomware attack orchestrated by the CiphBit group. The attack was announced on CiphBit's dark web leak site, where the group threatened to publish the compromised data within 3–4 days if their demands are not met.

About Luigi Convertini

Luigi Convertini, operating under the company name LMC International S.r.l., is based in Martina Franca, located in the Valle D’Itria region of Puglia, Italy. The brand is renowned for its high-quality garments that embody the essence of "Made in Italy." Founded by designer Luigi Convertini, the company blends tradition with innovation, offering a diverse range of men's fashion collections from formal wear to sporty styles. Each piece is crafted with meticulous attention to detail, highlighting the individuality and personality of the wearer.

Company Size and Market Position

LMC International S.r.l. is classified as a small to medium-sized enterprise. While specific employee numbers and revenue figures are not detailed, the brand targets a premium market segment, suggesting a significant revenue stream from high-end fashion sales. The company's commitment to craftsmanship and quality makes it a standout in the competitive fashion industry.

Vulnerabilities and Attack Overview

The attack on Luigi Convertini highlights the vulnerabilities that even well-established companies in the fashion industry can face. The company's reliance on digital systems for design, manufacturing, and sales makes it a potential target for ransomware groups like CiphBit. The attackers likely exploited vulnerabilities in the company's network or software systems to gain access and encrypt critical data.

About CiphBit Ransomware Group

CiphBit is a relatively new player in the ransomware landscape, with its first reported victims in April 2023. The group targets companies rather than home users, focusing on corporate networks and data. CiphBit employs double-extortion tactics, encrypting files and exfiltrating data, and threatens to publish the stolen content if the ransom is not paid. The ransomware encrypts files and appends a unique ID, the attackers' email address, and a random extension to the filenames. Victims are urged to contact the attackers and send a couple of locked files to test decryption.

Potential Penetration Methods

While the exact method of penetration in the Luigi Convertini attack is not detailed, common entry points for ransomware attacks include phishing emails, exploiting unpatched software vulnerabilities, and weak remote access protocols. Companies in the fashion industry, like Luigi Convertini, must remain vigilant and implement effective cybersecurity measures to protect against such threats.

• Luigi Convertini - Company
• PCRisk - CiphBit Ransomware
• Malwarebytes - Ransomware Review October 2023
• Unit 42 - Ransomware Leak Site Data Analysis