Abyss attacks arb Architekten

Incident Date:

July 17, 2023

World map



Abyss attacks arb Architekten


arb Architekten




Bern, Switzerland

, Switzerland

First Reported

July 17, 2023

The Abyss Ransomware Gang's Latest Victim: Arb Architekten

The Abyss ransomware gang has attacked arb Architekten. Arb Architekten is an architectural firm headquartered in Bern, Switzerland. It employs 15 people and has designed several high-end buildings across the country. Abyss posted arb Architekten to its data leak site on July 17th, threatening to publish 200GB of stolen data by September 1st if the organization fails to comply. Arb Architekten has neither confirmed nor denied the attack, and all reports of the incident have not yet been verified.

The Modus Operandi of the Abyss Gang

The Abyss ransomware gang is a well-known cybercriminal group actively deploying ransomware attacks against organizations worldwide. Employing sophisticated tactics, they encrypt victims' data and demand ransom payments in exchange for decryption keys. What distinguishes them is their use of a "double extortion" strategy, where they not only encrypt data but also exfiltrate sensitive information. This stolen data is threatened to be leaked or sold on the dark web if the ransom demand is not met, adding extra pressure on victims to comply.

Who Are the Targets?

Their targets encompass a wide range of industries, including corporations, government entities, educational institutions, and healthcare providers. Abyss is so prolific that several businesses offer decryption services for the Abyss Locker ransomware, although it's unclear how effective those services are.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.