Loghman Pharmaceuticals Targeted by Stormous Ransomware Group

Loghman Pharmaceuticals has reportedly been compromised by the Stormous ransomware group, although no further details have been disclosed. Loghman Pharmaceutical & Hygienic is a company that engages in the discovery, development, manufacture, and marketing of drugs in Iran. It manufactures broad-spectrum antibiotics, cephalosporins, penicillins, macrolides, beta-lactamase, and more.

About Stormous Ransomware Group

Stormous does not maintain a RaaS (Ransomware-as-a-Service) platform. Stormous emerged in mid-2021 or early 2022 and made headlines, claiming to have exfiltrated 200GB of data from victim Epic Games as well as the Ministry of Foreign Affairs of Ukraine. They also were purported to have offered Coca-Cola data for sale. Stormous is assessed to have targeted companies whose data was leaked by other threat actors, and some have asserted they are a scam operation.

Stormous attack volume has been diminishing, and it is assessed that they may not be responsible for some of the attacks they claim. Stormous does not maintain a RaaS platform and focuses on straight data extortion. Stormous claims to target Western companies and espouses a lot of rhetoric about the Russian and Ukrainian conflict, but it is not clear if they are hacktivist-oriented or using this to sew confusion.

It is still unclear exactly how Stormous operates. They claim politically motivated targeting may be more opportunistic or could be trying to make money from the threat actors' work by leveraging the chaos and confusion around the high volume of ransomware attacks today.