alphv attacks Herc

Incident Date:

July 28, 2022

World map



alphv attacks Herc






São João, Brazil

Porto Alegre, Brazil

First Reported

July 28, 2022

ALPHV Ransomware Group Claims Attack on Herc

Company Overview

Herc is a Brazilian company that specializes in manufacturing products. The company is known for its Torneira de Jardim da HERC, which is a popular and traditional product in Brazil. Herc's Linha Facilita is also a notable product line, which is produced using high-quality plastics for durability and resistance.

Vulnerabilities and Targeting

The specific vulnerabilities that led to Herc being targeted by ALPHV are not detailed. However, it is mentioned that ALPHV Blackcat affiliates have targeted the healthcare sector extensively, accounting for nearly 70 leaked victims. The group has also been known to employ a multiple extortion model, where they exfiltrate or steal sensitive data before encrypting the victim system and demand a ransom in exchange for decrypting the system and not publishing the stolen data.

Mitigation Strategies

To mitigate the risk of ransomware attacks, organizations should routinely take inventory of assets and data, prioritize remediation of known exploited vulnerabilities, enable and enforce multifactor authentication with strong passwords, close unused ports, and remove applications not deemed necessary for day-to-day operations.

The ALPHV ransomware group's attack on Herc highlights the ongoing threat of ransomware attacks on various sectors, including manufacturing. Organizations must remain vigilant and implement robust cybersecurity measures to protect against such threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.