Pan Gulf Holding Faces Major Ransomware Threat by Sarcoma

Incident Date: Dec 06, 2024

Attack Overview

VICTIM

Pan Gulf Holding

INDUSTRY

Manufacturing

LOCATION

Saudi Arabia

ATTACKER

Sarcoma

FIRST REPORTED

December 6, 2024

Request Removal

Ransomware Attack on Pan Gulf Holding by Sarcoma Group

Pan Gulf Holding, a prominent industrial and investment entity in Saudi Arabia, has allegedly been targeted by a ransomware attack attributed to the Sarcoma group. This breach, identified on December 9, reportedly involves the extraction of 113 GB of critical data, including SQL databases, posing a substantial risk to the company's operations and standing.

About Pan Gulf Holding

Established in 1978, Pan Gulf Holding has carved out a significant niche in the manufacturing sector, primarily catering to the oil and construction industries. The company operates through a network of subsidiaries, focusing on steel, piping, welding, fabrication, food, consulting, technology, automotive, inspection, and testing services. With a workforce ranging from 1,000 to 5,000 employees and a reported revenue of $387 million, Pan Gulf Holding serves major clients such as Saudi ARAMCO and SABIC Industries. Its dedication to quality and innovation has solidified its reputation in the Middle East.

Attack Overview

The Sarcoma ransomware group claims responsibility for exfiltrating a significant archive of files from Pan Gulf Holding, with threats to release the data publicly within a week. This incident underscores potential weaknesses in the company's cybersecurity framework, which may have been exploited by the attackers to access sensitive information. The possible exposure of such a large volume of data highlights the severe risk to Pan Gulf Holding's operations and client confidence.

About Sarcoma Ransomware Group

Sarcoma is a relatively new yet aggressive ransomware group that surfaced in October 2024. Notorious for its double extortion strategies, the group encrypts victims' data and threatens to leak it if ransom demands are unmet. Sarcoma has targeted various sectors worldwide, including healthcare, manufacturing, and finance. The group is known for targeting supply chains and employing advanced encryption methods, complicating data recovery without paying the ransom.

Potential Penetration Methods

Although specific details of Sarcoma's penetration into Pan Gulf Holding's systems remain undisclosed, the group is known for exploiting supply chain vulnerabilities and using lateral movement techniques to escalate privileges within networks. This strategy enables them to compromise additional devices and extract sensitive data before deploying encryption malware.

Sources

https://www.ransomware.live/id/UGFuIEd1bGYgSG9sZGluZ0BzYXJjb21h

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.