RansomHouse attacks Roberto Verino Difusion

Incident Date: Jun 16, 2023

Attack Overview

VICTIM

Roberto Verino Difusion

INDUSTRY

Manufacturing

LOCATION

Spain

ATTACKER

Ransomhouse

FIRST REPORTED

June 16, 2023

Request Removal

RansomHouse Ransomware Gang Attacks Roberto Verino Difusion

The RansomHouse ransomware gang has attacked Roberto Verino Difusion. Roberto Verino Difusion is a clothes designer and manufacturer headquartered in Spain. RansomHouse posted Roberto Verino Difusion to its data leak site on June 15th, claiming to have stolen 737GB of company data. Roberto Verino Difusion has neither confirmed nor denied the incident.

RansomHouse: A New Breed of Cybercriminals

RansomHouse, a relatively recent endeavor, specializes in infiltrating networks through vulnerabilities to unlawfully acquire valuable data. While new malicious actors emerge regularly, RansomHouse exhibits distinctive characteristics that diverge from the norms observed by threat researchers. Contrary to its name, RansomHouse deviates from the conventional ransomware approach and operates as a cybercriminal entity engaged in data extortion. Rather than encrypting systems and employing ransomware, RansomHouse bypasses the encryption phase and instead demands payment for the stolen data.

Remarkably, the threat actors evade accountability for their actions and attribute the blame to organizations (the victims) for their inadequate security measures. RansomHouse conducts campaigns focused on manually exfiltrating data without employing encryption modules, with the primary objective of achieving financial gains. Their methodology is straightforward, as they allocate resources to exfiltrating data and researching vulnerabilities, resulting in attacks that are less intricate compared to traditional asset encryption methods.

The Consequences of Non-Compliance

In instances where a victim refuses to pay the ransom, RansomHouse resorts to public shaming by publishing a portion of the victim's data on their website. This strategy intends to negatively impact targeted organizations by drawing attention from customers and shareholders. RansomHouse's website provides URLs to media posts that showcase victims currently experiencing extortion, highlighting the secondary aspect of publicity as a method of extortion.

Should victims persist in refusing to pay, RansomHouse proceeds to offer the stolen data for sale on the dark web. If no interested buyers are found, they proceed to publish all the data on their Tor site.

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.