Ransomware Attack on EPS Tech Ltd by Handala Group Exposes 8TB of Sensitive Data

Incident Date: Aug 15, 2024

Attack Overview

Victim: EPS Tech Ltd
Industry: Manufacturing
Location: Israel
Attacker: Handala
First reported: August 15, 2024

Ransomware Attack on EPS Tech Ltd by Handala Group

EPS Tech Ltd, also known as Electronic Packaging Solutions (EPS), has recently fallen victim to a ransomware attack orchestrated by the Handala wiper threat actor. The attackers claim to have infiltrated the company's systems and exfiltrated 8 TB of highly confidential and sensitive data. This data reportedly includes confidential design documents, source code for exclusive military software, emails, financial and administrative records, and human resources documents. To substantiate their claims, the Handala group has released samples of various technical documents and announced plans to publish all the stolen data in the coming days.

About EPS Tech Ltd

Founded in 1992, EPS Tech Ltd specializes in the design and provision of advanced embedded electronic systems primarily for the defense and industrial sectors. The company employs approximately 70 staff members, with a significant portion being engineers. EPS is recognized for its expertise in managing complex programs, particularly in areas such as airborne, ground mobile, and naval defense systems, as well as various applications in telecommunications and semiconductors. Their product lineup includes rugged processors, GPUs, and servers designed to withstand harsh environments, ensuring reliability and performance under challenging conditions.

What Makes EPS Tech Ltd Stand Out

EPS Tech emphasizes an end-to-end service model, providing support throughout the entire process from system definition to after-sales support. This commitment to customer service is complemented by their adherence to high-quality standards, as evidenced by their ISO-9001 certification and additional certifications from the Israeli Ministry of Defense and other major industrial players in Israel. The company prides itself on delivering cost-effective solutions that comply with technical specifications and customer requirements, highlighting their focus on partnership and collaboration with clients.

Vulnerabilities and Attack Overview

Despite its strong technical foundation and adherence to high-quality standards, EPS Tech Ltd's focus on defense and industrial markets makes it a prime target for threat actors like the Handala group. The attackers likely exploited vulnerabilities in the company's cybersecurity infrastructure, potentially through sophisticated phishing campaigns or multi-stage loading processes involving obfuscated scripts and shellcode to bypass traditional security measures.

About the Handala Group

The Handala Hack group is a cybercriminal organization known for its pro-Palestinian agenda and its history of targeting Israeli institutions and their affiliates, including governmental entities, defense organizations, and other organizations affiliated with Israel. Handala is notorious for its sophisticated tactics, including phishing emails and SQL injection attacks, which have allowed it to disrupt various sectors such as infrastructure, healthcare, media, and defense.

Potential Penetration Methods

Handala's malware uses a multi-stage loading process involving obfuscated scripts and shellcode to bypass traditional security measures. The group has been known to use sophisticated phishing campaigns, including emails written in Hebrew, to deliver malware and compromise targets. These tactics likely played a role in the successful infiltration of EPS Tech Ltd's systems, leading to the exfiltration of highly sensitive data.
