Ransomware Attack on VIcom Corporation by Hunters International

VIcom Corporation, a prominent technology solutions integrator based in Virginia Beach, Virginia, has recently fallen victim to a ransomware attack orchestrated by the hacking group Hunters International. The attackers have claimed responsibility for the breach, asserting that they have exfiltrated a substantial amount of data from the company.

About VIcom Corporation

VIcom Corporation, also known as Virginia Integrated Communication, specializes in a diverse range of services aimed at enhancing communication and operational efficiency for businesses. Their expertise includes teleconferencing, VoIP business phones, hosted PBX systems, audio-visual integration, digital signage, and security access control. Additionally, they offer managed IT services and paging systems, positioning themselves as a one-stop provider for organizations looking to improve their technological infrastructure and communication capabilities.

Acquired by Converge Technology Solutions in early 2021, VIcom has expanded its capabilities and reach, becoming part of a larger network that enhances its service offerings across North America. This acquisition has enabled VIcom to tap into additional resources and expertise in cloud solutions and cybersecurity.

Attack Overview

Hunters International has claimed that they have successfully breached VIcom Corporation's defenses, exfiltrating 264.7 GB of data encompassing 25,391 files. The attack was announced on the group's dark web leak site, where they listed VIcom as one of their victims. The specific details of how the ransomware group penetrated VIcom's systems have not been disclosed, but the attack highlights the vulnerabilities that even well-established technology integrators can face.

About Hunters International

Hunters International is a Ransomware-as-a-Service (RaaS) group that emerged in Q3 of 2023, shortly after the disruption of the notorious Hive ransomware group. The group's ransomware code contains significant overlap with Hive, suggesting a shared technical lineage. Hunters International focuses on exfiltrating target data and extorting victims with ransom demands in exchange for the return of the stolen data.

The group has been detected targeting victims across various regions, including the US, UK, Germany, and Namibia. Investigations have revealed potential ties to Nigeria, although the group uses fake identities and tricky methods to conceal their true origins. Despite their denial of any affiliation with Hive, the technical and operational similarities suggest an evolution or offshoot of the dismantled operation.

Implications for VIcom Corporation

The ransomware attack on VIcom Corporation underscores the importance of comprehensive cybersecurity measures, especially for companies involved in technology integration and communication solutions. As a provider of critical services to various sectors, including corporate environments, educational institutions, and healthcare facilities, VIcom's breach could have far-reaching implications for their clients and partners.

Sources

• VIcom Corporation
• Converge Technology Solutions - VIcom
• SOCRadar - Hunters International
• Global Security Mag - Hunters International