RansomHub Hits Hashem Contracting in Major Saudi Cyberattack
RansomHub Ransomware Group Targets Hashem Contracting in Saudi Arabia
The RansomHub ransomware group has claimed responsibility for a cyberattack on Hashem Contracting and Trading Corp, a leading construction and real estate development firm based in Riyadh, Saudi Arabia. This attack highlights the growing threat of ransomware to critical infrastructure sectors worldwide.
About Hashem Contracting
Established in 1978, Hashem Contracting and Trading Corp is a prominent player in the Saudi Arabian construction industry. The company employs approximately 1,070 staff members and reports an estimated annual revenue of $215.1 million. Specializing in general contracting, construction management, and real estate development, Hashem Contracting has built a solid reputation for quality and innovation. Their commitment to integrating new technologies and maintaining high safety standards distinguishes them in the competitive construction landscape.
Attack Overview
RansomHub claims to have exfiltrated 91 GB of sensitive data from Hashem Contracting, threatening to release the stolen information within the next 8 to 9 days. The group provided a file tree as evidence of their breach, underscoring the severity of the attack. This incident raises concerns about the vulnerabilities of construction firms, which often handle large volumes of sensitive data and rely on complex supply chains.
RansomHub's Modus Operandi
RansomHub, a Ransomware-as-a-Service (RaaS) group, emerged in February 2024 and quickly gained notoriety for its aggressive affiliate model. The group is known for its double extortion tactics, encrypting victims' data while exfiltrating sensitive information to increase ransom demands. RansomHub's ransomware is optimized for speed and efficiency, targeting cross-platform systems and exploiting vulnerabilities in unpatched software.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!