Ransomware Attack on Lift Kits 4 Less by APT73 Exposes Data

Incident Date: Nov 08, 2024

Attack Overview
Victim: Lift Kits 4 Less
Industry: Retail
Location: USA
Attacker: APT73
First Reported: November 8, 2024

Ransomware Attack on Lift Kits 4 Less by APT73

Lift Kits 4 Less, a prominent online retailer specializing in suspension lift kits and automotive parts, has recently fallen victim to a ransomware attack by the cybercriminal group APT73. This incident has raised significant concerns about the company's cybersecurity measures and the broader implications for the retail sector.

Company Overview

Lift Kits 4 Less operates under the Auto Parts 4Less Group, Inc., and is based in North Las Vegas, Nevada. The company is recognized for its extensive range of suspension lift kits, catering to automotive enthusiasts seeking to enhance their vehicles' performance and aesthetics. With an estimated annual revenue of $10 million to $25 million and a workforce of 10 to 19 employees, Lift Kits 4 Less has established itself as a key player in the online automotive parts industry. However, the company has faced criticism for its customer service, with numerous complaints about communication difficulties and delayed responses.

Attack Overview

The ransomware attack orchestrated by APT73 has compromised sensitive client data, including identifiers such as ID, Name, Email, Group, Phone, ZIP, Country, and State/Province. This breach highlights vulnerabilities in Lift Kits 4 Less's data protection measures, potentially exposing thousands of customers to identity theft and fraud. The attack underscores the critical need for enhanced cybersecurity protocols to safeguard against sophisticated threats posed by organized cybercrime groups.

APT73: A New Ransomware Threat

APT73 is a newly emerged ransomware group that surfaced in late April. The group distinguishes itself by adopting the "APT" designation, typically associated with advanced persistent threats, to project a more sophisticated image. APT73's operational model mirrors that of the notorious LockBit group, employing similar tactics such as double-extortion strategies. Despite their mimicry of established models, APT73 exhibits signs of inexperience, lacking active mirrors on their data leak site, which are typically used to distribute stolen data more effectively.

Potential Vulnerabilities

The attack on Lift Kits 4 Less may have been facilitated by vulnerabilities in their cybersecurity infrastructure. As a relatively small company with a focused operation, they may lack the resources to implement comprehensive cybersecurity measures, making them an attractive target for ransomware groups like APT73. The incident serves as a stark reminder of the evolving threat landscape and the need for companies to prioritize cybersecurity to protect sensitive customer data.
