SafePay Targets Gilazo in Ransomware Attack on Media Sector

Incident Date: Nov 19, 2024

Attack Overview

VICTIM

Gilazo

INDUSTRY

Media & Internet

LOCATION

USA

ATTACKER

SafePay

FIRST REPORTED

November 19, 2024

Request Removal

Ransomware Attack on Gilazo: SafePay's Latest Target

Attack Details

In a recent cyberattack, the ransomware group SafePay has claimed responsibility for targeting Gilazo, a company associated with Straight Ahead Pictures, Inc. (SAP). SAP is a media production company known for its innovative projects and educational forums, focusing on cultural histories and marginalized communities. One of their notable works includes "Beyond Affliction: The Disability History Project," a radio documentary series distributed by NPR.

Gilazo serves as a platform for SAP's initiatives, emphasizing storytelling and community dialogue. The attack on Gilazo highlights the vulnerabilities faced by organizations in the Media & Internet sector, particularly those involved in educational and cultural projects. The company's focus on collaboration and community involvement makes it a significant player in educational media production, but also a potential target for cybercriminals seeking to exploit sensitive data.

SafePay, a relatively new ransomware group, has been active in the cybercrime landscape, employing ransomware-as-a-service (RaaS) tactics and utilizing LockBit source code. The group is known for its double-extortion strategy, where they encrypt files and threaten to release stolen data if ransom demands are not met. This approach adds pressure on victims to comply, making it a common tactic among ransomware groups.

SafePay's modus operandi involves gaining access to victim networks through valid credentials, often acquired via VPN gateways or portals. Their stealthy approach avoids the use of Remote Desktop Protocol (RDP) and the creation of new user accounts, making detection more challenging. The group maintains a presence on the dark web through a Tor-based leak site, where they list past victims and provide details about stolen data.

The attack on Gilazo underscores the growing threat posed by ransomware groups like SafePay, which continue to evolve and employ sophisticated methods to infiltrate networks. As organizations in the media and educational sectors increasingly rely on digital platforms, they must remain vigilant against such cyber threats to protect their sensitive data and maintain their operations.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.