Ransomware Attack on Rangam by Abyss Group

Attack Overview

The staffing and recruiting company Rangam, known for its inclusive employment solutions, has fallen victim to a ransomware attack orchestrated by the Abyss Locker ransomware group. This cyberattack has led to the exfiltration of approximately 1.1 terabytes of sensitive data, including credentials of employees, partners, and customers.

Company Profile

Rangam, headquartered in Somerset, New Jersey, specializes in providing inclusive workforce solutions, particularly focusing on individuals with disabilities, autism spectrum conditions, and disabled veterans. Founded in 1995, the company employs 443 individuals and reported revenues of $248.3 million in 2023. Rangam is distinguished in its industry by its empathy-driven culture and its integration of advanced AI technologies into staffing solutions.

Ransomware Group Details

The Abyss Locker group, emerging in March 2023, primarily targets VMware ESXi environments and is known for its multi-extortion tactics. The group operates through a TOR-based website, listing victims and threatening to release exfiltrated data unless ransom demands are met. Their ransomware leverages the Babuk codebase for Linux environments and is notorious for deleting system backups and shadow copies to complicate recovery efforts.

Vulnerabilities and Risks

Rangam's significant digital footprint and reliance on technology for integrating AI into staffing processes may have increased its vulnerability to cyberattacks. The attack surface likely included IT services that were susceptible to infiltration, which the Abyss group exploited to execute their ransomware deployment and data theft.

Sources

• Rangam Official Website
• SentinelOne: Abyss Locker
• Fortinet: Ransomware Roundup - Abyss Locker
• ZoomInfo: Rangam Consultants Inc.
• Zippia: Rangam Consultants Revenue