Ransomware Attack Disrupts Industrial Bolsera Operations

Incident Date: Jul 24, 2024

Attack Overview

VICTIM

Industrial Bolsera

INDUSTRY

Manufacturing

LOCATION

Spain

ATTACKER

Donutleaks

FIRST REPORTED

July 24, 2024

Request Removal

Ransomware Attack on Industrial Bolsera by Donutleaks

Overview of Industrial Bolsera

Industrial Bolsera, based in Caldes de Montbui, Barcelona, specializes in the design, manufacturing, and printing of paper bags and flexible packaging. The company is renowned for its expertise in flexography and gravure printing techniques, which are essential for producing high-quality, durable packaging products. Their focus on customization and sustainability has made them a preferred partner in the food and retail sectors. Industrial Bolsera employs between 50 and 249 individuals and reports an annual turnover ranging from 10 to 50 million euros.

Details of the Ransomware Attack

Industrial Bolsera has recently fallen victim to a ransomware attack orchestrated by the cybercriminal group Donutleaks. The attack has compromised the company's website, https://www.industrialbolsera.com/ca/index.htm, disrupting their operations. Despite their commitment to maintaining high standards in design, R&D, and manufacturing processes, this incident highlights vulnerabilities in their digital infrastructure.

About Donutleaks Ransomware Group

Donutleaks is a data extortion group first detected in August 2022. The group has been linked to several high-profile cyberattacks, including those on DESFA, Sheppard Robson, and Sando. Donutleaks uses customized ransomware for double-extortion attacks, encrypting files and leaking stolen data to extort victims. Their ransomware renames encrypted files with the ".d0nut" extension and avoids files containing specific strings like "Edge" and "Windows." The group maintains a data storage site with approximately 2.8 TB of stolen data from various victims.

Potential Vulnerabilities and Penetration Methods

The attack on Industrial Bolsera underscores the growing threat of ransomware attacks on businesses of all sizes and sectors. While the exact method of penetration remains unclear, common vulnerabilities include outdated software, weak passwords, and insufficient network security measures. Given Donutleaks' history, it is likely that the group exploited one or more of these vulnerabilities to gain access to Industrial Bolsera's systems.

Impact and Implications

The ransomware attack has significant implications for Industrial Bolsera, disrupting their operations and potentially compromising sensitive data. The incident serves as a stark reminder of the importance of robust cybersecurity measures, even for companies with a strong focus on quality and sustainability.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.