Ransomware Hits Bettis Asphalt: BlackSuit Group Claims Attack

Incident Date: Aug 03, 2024

Attack Overview

VICTIM

Bettis Asphalt & Construction, Inc.

INDUSTRY

Construction

LOCATION

USA

ATTACKER

Black Suit

FIRST REPORTED

August 3, 2024

Request Removal

Ransomware Attack on Bettis Asphalt & Construction, Inc.

Bettis Asphalt & Construction, Inc., a family-owned company based in Topeka, Kansas, has recently fallen victim to a ransomware attack by the BlackSuit group. Established in 1979, Bettis Asphalt & Construction specializes in hot mix asphalt paving and maintenance, concrete pavement construction, and bridge repair. The company is part of the larger Bettis Companies, which includes various other construction and materials businesses.

Company Overview

Bettis Asphalt & Construction employs approximately 31 people and reported a revenue of $19.3 million. The company is known for its commitment to quality, safety, and customer satisfaction. They utilize advanced technologies such as Trimble GPS and Robotic Total Station Technology to enhance the accuracy and efficiency of their projects. Their services extend across Kansas, Oklahoma, and the broader Midwest region, catering to a wide range of clients, including highways, streets, airports, and large industrial parks.

Details of the Attack

The BlackSuit ransomware group has claimed responsibility for the attack on Bettis Asphalt & Construction via their dark web leak site. The cybercriminals allege that they have gained access to sensitive data, potentially compromising the company's operations and client information. The attack has raised concerns about the vulnerabilities in the company's cybersecurity measures, particularly given their reliance on advanced technologies for project execution.

About BlackSuit Ransomware Group

BlackSuit is a new ransomware family that emerged in 2023 and is closely related to the notorious Royal ransomware group. The ransomware targets both Windows and Linux systems, including VMware ESXi servers. It appends the .blacksuit extension to encrypted files and drops a ransom note named README.BlackSuit.txt in each affected directory. The note includes a reference to a Tor chat site for victim communication. Researchers have found significant similarities between BlackSuit and Royal ransomware, suggesting that BlackSuit could be a new variant developed by the same authors or an affiliate of the Royal ransomware gang.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.