McKim & Creed Faces Ransomware Threat

McKim & Creed has allegedly been compromised by the RansomHub ransomware group. The breach reportedly involves the exfiltration of 500 GB of data, and a ransom deadline of 21 March has been given. McKim & Creed is an employee-owned engineering and surveying firm of people helping people. It combines national expertise with a local perspective to deliver innovative solutions that serve its clients and our communities.

RansomHub: A New Threat on the Horizon

RansomHub is a relatively new ransomware-as-a-service operation whose darknet site features an index page where all its victims are listed, as well as About and Contact pages. The group claims to be a team of attackers from around the world, motivated by one thing – financial gain. However, the gang does say that it does not allow attacks against certain targets, including CIS, Cuba, North Korea, and China.

Operational Rules and Restrictions

The group also lists a few general rules that it follows, as well as rules for its affiliates. RansomHub does not allow non-profit organizations to be targeted, and nor does it allow “re-attacks” – follow-up attacks on victims who have already paid.