RansomHub Targets Panitch Schwarze in Major Ransomware Attack

Incident Date: Jul 25, 2024

Attack Overview
Victim: Panitch Schwarze
Industry: Law Firms & Legal Services
Location: USA
Attacker: RansomHub
First Reported: July 25, 2024

RansomHub Claims Ransomware Attack on Panitch Schwarze

Overview of the Attack

Panitch Schwarze Belisario & Nadel LLP, a prominent law firm specializing in intellectual property (IP) law, has been targeted by the ransomware group RansomHub. The attackers have claimed responsibility for the breach via their dark web leak site, threatening to expose sensitive client information if their ransom demands are not met. This incident underscores the growing threat of ransomware attacks on high-profile legal firms.

About Panitch Schwarze

Panitch Schwarze is headquartered in Philadelphia, with an additional office in Wilmington, Delaware. The firm employs over 20 attorneys and agents, many of whom hold advanced degrees and Ph.D.s, providing a deep well of technical and legal expertise. The firm is known for its comprehensive approach to IP issues, serving a diverse clientele that includes Fortune 500 companies and individual inventors. Their services span the entire lifecycle of IP, from securing patents and trademarks to providing strategic counseling and litigation support.

What Makes Panitch Schwarze Stand Out

Panitch Schwarze distinguishes itself through its client-centric approach, emphasizing responsiveness and creativity in protecting intellectual property assets. The firm is adept at navigating complex IP litigation across various U.S. courts and managing contested proceedings before the U.S. Patent and Trademark Office. Their team’s advanced technical knowledge, combined with legal expertise, positions them as a valuable partner for businesses and individuals seeking to protect and leverage their IP assets effectively.

Vulnerabilities and Targeting

Given its prestigious reputation and extensive client base, Panitch Schwarze presents an attractive target for ransomware groups like RansomHub. The firm’s involvement in high-stakes IP litigation and management of sensitive client information makes it particularly vulnerable to cyberattacks. The attackers have threatened to expose the breach to the firm’s clients, potentially damaging its reputation and client trust.

About RansomHub

RansomHub is a relatively new player in the ransomware landscape, believed to have roots in Russia. It operates as a Ransomware-as-a-Service (RaaS) group in which affiliates receive 90% of the ransom money, with the remaining 10% going to the main group. The group has targeted various countries, including the U.S., Brazil, Indonesia, and Vietnam, with a notable focus on healthcare-related institutions. RansomHub’s ransomware strains are written in Golang, a trend that is becoming more common in the ransomware world.

Potential Penetration Methods

While specific details of how RansomHub penetrated Panitch Schwarze’s systems are not publicly available, common methods include phishing attacks, exploiting software vulnerabilities, and leveraging weak security protocols. The use of Golang in their ransomware strains suggests a sophisticated approach, potentially bypassing traditional security measures.
