Ransomware Attack on Supply Technologies LLC: A Deep Dive into Dunghill Leak's Tactics

Incident Date:

April 15, 2024

World map

Overview

Title

Ransomware Attack on Supply Technologies LLC: A Deep Dive into Dunghill Leak's Tactics

Victim

Supply Technologies LLC

Attacker

Dunghill

Location

Mayfield Heights, USA

Ohio, USA

First Reported

April 15, 2024

Ransomware Attack on Supply Technologies LLC by Dunghill Leak

Overview of the Attack

The ransomware group Dunghill Leak has recently claimed responsibility for a cyberattack on Supply Technologies LLC, a subsidiary of ParkOhio. This indicates a serious breach of security at Supply Technologies. The group is known for its double extortion tactics, which involve stealing sensitive data before encrypting the victim's systems and demanding a ransom.

Company Profile

Supply Technologies LLC specializes in total supply chain management, providing parts and materials to manufacturing companies globally. Founded in 1995 and based in Cleveland, Ohio, the company employs a workforce that varies widely in reported size—from 520 to 5,000 employees, depending on the source. Their annual revenue is also reported variably, with figures ranging from $245 million to $580 million.

The company's reliance on technologies such as JavaScript, HTML, and Twitter for operations may have exposed them to specific cybersecurity vulnerabilities, particularly if these technologies were not secured adequately against the latest threats.

Details on Dunghill Leak

Dunghill Leak, operated by the Dark Angels Team, emerged in 2023 and has been active in targeting large organizations. They have previously utilized source code from the Babuk ransomware and have developed a custom version of the Ragnar Locker ransomware. Their operations focus on high-value targets, often demanding multi-million dollar ransoms based on the victim's cyber insurance coverage.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.