Mantinga Faces Ransomware Threat from Hunters International

Incident Date: Nov 18, 2024

Attack Overview

VICTIM

Mantinga

INDUSTRY

Manufacturing

LOCATION

Lithuania

ATTACKER

Hunters International

FIRST REPORTED

November 18, 2024

Request Removal

Ransomware Attack on Mantinga: A Deep Dive into the Hunters International Breach

On November 18, Mantinga, a leading Lithuanian food and beverage manufacturing company, became the latest victim of a ransomware attack orchestrated by the notorious Hunters International group. Known for its extensive range of frozen bakery and convenience food products, Mantinga has established itself as a significant player in the Baltic States' manufacturing sector. The attack has raised concerns about the vulnerabilities of even well-established companies in the face of sophisticated cyber threats.

Company Profile: Mantinga's Industry Standing

Founded in 1998 in Marijampolė, Lithuania, Mantinga has grown to become the largest producer of bread, snacks, and frozen products in the Baltic States. The company operates multiple production facilities, including three factories in Marijampolė and a recently acquired plant in Latvia, covering a total production area of over 41,000 square meters. With a product range featuring over 1,000 items and exports to nearly 40 countries, Mantinga is recognized for its innovation and commitment to quality. This extensive operational scale and international reach make Mantinga a lucrative target for cybercriminals.

Attack Overview: Hunters International's Modus Operandi

The attack on Mantinga involved data exfiltration and encryption, a hallmark of Hunters International's double extortion tactics. The group's ability to penetrate Mantinga's systems suggests potential vulnerabilities in the company's cybersecurity infrastructure, possibly through phishing campaigns or exploitation of remote services. The attack disrupted Mantinga's website, mantinga.lt, highlighting the operational impact of such breaches.

Hunters International: A Rising Threat

Emerging in October 2023, Hunters International quickly gained notoriety by leveraging code from the dismantled Hive ransomware operation. As a Ransomware-as-a-Service (RaaS) group, they employ affiliates globally to execute attacks, focusing on industries like manufacturing, healthcare, and finance. Their use of Rust-developed ransomware allows for cross-platform targeting, enhancing their adaptability and threat level. The group's sophisticated techniques, including the use of custom malware like SharpRhino, enable them to bypass advanced security measures, as seen in previous high-profile attacks.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.