AirCod Technologies Hit by RedRansomware: Attack Details & Impact

Incident Date:

May 29, 2024

World map



AirCod Technologies Hit by RedRansomware: Attack Details & Impact


AirCod Technologies




Lahore, Pakistan

, Pakistan

First Reported

May 29, 2024

Ransomware Attack on AirCod Technologies by RedRansomware

Company Overview

AirCod Technologies is an enterprise software development firm specializing in helping global businesses orchestrate workflow and overcome complex challenges with intelligent solutions. The company is renowned for its innovative approach to automation, business intelligence, and cost-efficient solutions. AirCod develops customized dynamic websites, management systems, e-commerce platforms, and mobile applications to automate workflow and drive business growth.

Company Size and Revenue

With approximately 51-100 employees worldwide, AirCod Technologies is a medium-sized company generating an estimated revenue of $4.3 million.

Ransomware Attack Overview

The RedRansomware group targeted AirCod Technologies, encrypting all user files and appending the ".REDCryptoApp" extension. The attackers have leaked data from the company on the dark web's "Wall of Shame" site, increasing psychological pressure on the victim.

Ransomware Group Profile

RedRansomware, also known as Red CryptoApp, is a new ransomware group that emerged in March 2024. They target specific sectors and countries, focusing primarily on businesses in the United States, Canada, Singapore, Mexico, Spain, Italy, India, and Denmark. The group infects systems through phishing emails or software vulnerabilities, demonstrating a high degree of planning and premeditation in their attacks.

How the Attack Penetrated AirCod Technologies

RedRansomware likely penetrated AirCod Technologies' systems through phishing emails or by exploiting software vulnerabilities. The group's use of an automated chat interface on the Tor network to negotiate ransom payments indicates a sophisticated level of tactics.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.