Abyss Locker Ransomware Group Targets Rangam
Incident Date:
April 23, 2024
Overview
Title
Abyss Locker Ransomware Group Targets Rangam
Victim
Rangam
Attacker
Abyss
Location
First Reported
April 23, 2024
Ransomware Attack on Rangam by Abyss Group
Attack Overview
The staffing and recruiting company Rangam, known for its inclusive employment solutions, has fallen victim to a ransomware attack orchestrated by the Abyss Locker ransomware group. This cyberattack has led to the exfiltration of approximately 1.1 terabytes of sensitive data, including credentials of employees, partners, and customers.
Company Profile
Rangam, headquartered in Somerset, New Jersey, specializes in providing inclusive workforce solutions, particularly focusing on individuals with disabilities, autism spectrum conditions, and disabled veterans. Founded in 1995, the company employs 443 individuals and reported revenues of $248.3 million in 2023. Rangam is distinguished in its industry by its empathy-driven culture and its integration of advanced AI technologies into staffing solutions.
Ransomware Group Details
The Abyss Locker group, emerging in March 2023, primarily targets VMware ESXi environments and is known for its multi-extortion tactics. The group operates through a TOR-based website, listing victims and threatening to release exfiltrated data unless ransom demands are met. Their ransomware leverages the Babuk codebase for Linux environments and is notorious for deleting system backups and shadow copies to complicate recovery efforts.
Vulnerabilities and Risks
Rangam's significant digital footprint and reliance on technology for integrating AI into staffing processes may have increased its vulnerability to cyberattacks. The attack surface likely included IT services that were susceptible to infiltration, which the Abyss group exploited to execute their ransomware deployment and data theft.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.