Ransomware Attack on COPLOSA S.A. by 8Base

Incident Date: May 15, 2024

Attack Overview

VICTIM

Coplosa S.A.

INDUSTRY

Manufacturing

LOCATION

Spain

ATTACKER

8base

FIRST REPORTED

May 15, 2024

Request Removal

Ransomware Attack on COPLOSA S.A. by 8Base

Victim Overview

COPLOSA S.A., a chemical manufacturing company based in Barcelona, Spain, fell victim to a cyberattack by the ransomware group 8Base. They operate within the Chemicals industry, specializing in casting non-ferrous metals, particularly lead oxide production like Red Lead, Litharge, and powder for batteries, as well as Antimony trioxide production. The company is involved in process engineering for heat treatment of chemical products in powder form, utilizing furnaces, reactors, sampling devices, milling, and sampling dividers.

Company Details

The company is part of Grupo Penox, engaged in casting non-ferrous metals. COPLOSA is located in Barcelona, Catalonia, with an annual turnover ranging between 10 and 50 million euros. The company employs between 10 and 49 individuals and is registered in the Mercantile Registry of Barcelona. The company's most recent Borme announcement was on 02/06/2023, and its last deposit of annual accounts was for the 2022 fiscal year. The company's CIF is A08057622, and it has 80 executive positions. Notable individuals associated with COPLOSA SA include Jean Loudenot, Penox Group GmbH, RSM Spain Auditores SL, and others.

Attack Overview

The cybercrime group 8Base targeted COPLOSA S.A.'s website in the ransomware attack. Sensitive data such as invoices, receipts, accounting documents, personal data, certificates, employment contracts, and other confidential information were compromised in the attack.

Ransomware Group 8Base

8Base is known for its aggressive tactics and double-extortion strategy, where they encrypt files and threaten to release stolen data if the ransom is not paid. The group primarily targets small and medium-sized businesses across various sectors, including manufacturing. 8Base is believed to spread through phishing emails, exploit kits, and drive-by downloads. The group has gained notoriety for its rapid rise in activities and the use of customized ransomware strains like Phobos, appending ".8base" to encrypted files.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.