AC Sistemas Targeted by LockBit 3.0 Ransomware

Incident Date:

May 7, 2024

World map

Overview

Title

AC Sistemas Targeted by LockBit 3.0 Ransomware

Victim

AC Sistemas

Attacker

Lockbit3

Location

Sevilla, Spain

, Spain

First Reported

May 7, 2024

Ransomware Attack on AC Sistemas by LockBit 3.0

Victim Profile

AC Sistemas, a technological business group based in Spain, has fallen victim to a ransomware attack orchestrated by the notorious LockBit 3.0 cybercrime group. The company operates in the Retail sector and offers innovative solutions and services. They are known for its focus on providing technological solutions and services, distinguishing itself in the industry for its innovative approach.

Company Details

The Spanish company operates in the Retail sector and runs an e-commerce platform. The website offers various products for sale, including electronics and computer components. The company stands out for its focus on technological solutions and services within the industry.

Vulnerabilities

The retailer may have been targeted by threat actors due to its online presence as an e-commerce platform, which could make it susceptible to cyber attacks. The nature of the business, dealing with electronic products, could also attract malicious actors seeking to exploit vulnerabilities in the supply chain or customer data.

LockBit 3.0 Ransomware Group

The LockBit 3.0 ransomware group, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has evolved from previous versions of LockBit. It encrypts files, modifies filenames, changes desktop wallpapers, and drops ransom notes on victims' desktops. The ransomware is highly obfuscated and has advanced features like lateral movement through networks and self-deletion capabilities to cover its tracks.

LockBit May Attacks

LockBit 3.0 resurfaced in May 2024 following the disruption of its infrastructure during "Operation Cronos." Despite law enforcement efforts, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. The group's activities spanned various sectors and countries, showcasing its global reach and adaptability.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.