Ransomware Attack on Sercomm Corporation by Hunters International

Recently, the ransomware group Hunters International has taken responsibility for a cyberattack on Sercomm Corporation, a major global supplier of telecom broadband solutions based in Taipei, Taiwan. This incident underscores the vulnerabilities that companies in the telecommunications sector face, especially those with extensive global operations and a diverse product range.

About Sercomm Corporation

Established in 1992, Sercomm Corporation is a key player in the telecommunications industry, focusing on broadband and wireless networking equipment. The company caters to a broad spectrum of clients, including major telecommunications operators and service providers across North America, Europe, and the Asia-Pacific region. With a workforce of approximately 4,021 employees and annual revenues of around $1.6 billion, Sercomm is noted for its innovative product offerings and strong research and development capabilities.

Sercomm's wide-ranging product portfolio encompasses broadband networking equipment, mobile solutions, smart home and IoT devices, and enterprise solutions. The company's dedication to quality and innovation has established it as a leader in the industry. However, its global presence and intricate supply chain render it a potential target for sophisticated cyber threats.

Attack Overview

Hunters International, a notorious ransomware group, executed the attack on Sercomm by exfiltrating sensitive data without encrypting any of the company's data. This tactic aligns with the group's double extortion strategy, where they threaten to release stolen data to coerce victims into paying ransoms. The attack highlights the group's capability to breach advanced security measures and exploit vulnerabilities in large organizations.

About Hunters International

Emerging in October 2023, Hunters International operates as a Ransomware-as-a-Service (RaaS) group, utilizing code from the defunct Hive ransomware operation. The group is recognized for its sophisticated techniques, including the use of Rust for cross-platform targeting and the deployment of custom malware like SharpRhino. Their attacks typically involve phishing campaigns, RDP exploitation, and social engineering to gain initial access.

Hunters International sets itself apart through its adaptability and the ability to target both Windows and Linux environments. The group's focus on industries such as healthcare, finance, and manufacturing, combined with their global reach, positions them as a significant threat in the cybersecurity landscape.

Sources

• Sercomm Corporation - Company Overview
• EMIS - Sercomm Corporation Profile
• Halcyon - Last Week in Ransomware