Ransomware Attack Hits Therabel Pharma by Hunters International
Ransomware Attack on Therabel Lucien Pharma SAS by Hunters International
Therabel Lucien Pharma SAS, a prominent pharmaceutical company based in Levallois-Perret, Île-de-France, has reportedly fallen victim to a ransomware attack orchestrated by the Hunters International group. This attack has resulted in the exfiltration of approximately 338 GB of sensitive data, including client information, internal correspondence, contracts, and critical research documents related to preclinical studies and clinical trials.
Company Overview
Founded in 1945, Therabel Lucien Pharma SAS is a privately-owned pharmaceutical company with a rich European heritage. The company operates primarily through a partnership-driven business model, focusing on collaboration with other pharmaceutical entities to enhance its product offerings and market presence. With a reported group turnover of €59.1 million in 2019 and around 200 employees, Therabel is classified as a medium-sized enterprise. The company specializes in cardiovascular health, gastroenterology, and chemotherapy, making it a significant player in the healthcare services sector.
Attack Overview
The ransomware attack on Therabel Lucien Pharma SAS was claimed by Hunters International, a ransomware-as-a-service group that emerged in October 2023. The attackers have threatened to publish the stolen data on their dark web leak site if the ransom is not paid, putting Therabel at risk of significant operational and reputational damage. The compromised data includes financial information, potentially exposing the company to further vulnerabilities.
Hunters International: A Notorious Ransomware Group
Hunters International distinguishes itself by employing double extortion tactics, combining data encryption with data theft. The group utilizes code from the defunct Hive ransomware, allowing them to execute sophisticated attacks across various industries, including healthcare. Their malware, developed in Rust, provides cross-platform targeting capabilities, making it highly adaptable and effective against enterprise environments.
Potential Vulnerabilities
Therabel's extensive collaboration with healthcare providers and its focus on critical therapeutic areas make it an attractive target for ransomware groups like Hunters International. The company's reliance on digital infrastructure for research and development, coupled with the sensitive nature of its data, increases its vulnerability to cyberattacks. The attack highlights the need for enhanced cybersecurity measures to protect against sophisticated threat actors.
Sources
See Halcyon in action
Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!