alphv attacks Ujhaz

Incident Date:

March 7, 2022

World map

Overview

Title

alphv attacks Ujhaz

Victim

Ujhaz

Attacker

Alphv

Location

Budapest, Hungary

Central Hungary, Hungary

First Reported

March 7, 2022

Ujhaz Construction Company Targeted by ALPHV Ransomware Group

Company Information

Ujhaz is a Hungarian construction company that has been in operation for several years. The company has a strong presence in the Hungarian market and has been recognized for its quality and innovation in the construction industry. In 2020, Ujhaz received the Business Superbrands award, a prestigious recognition for its brand value and market position.

Vulnerabilities and Targeting

The ALPHV ransomware group, known for its aggressive tactics, has targeted a wide range of industries, including critical infrastructure, healthcare, and government entities. The group has been particularly active in recent years, compromising the networks of over 1,000 victims globally to earn hundreds of millions of dollars.

The attack on Ujhaz is part of a larger trend of ransomware attacks on construction companies, which have been targeted for their valuable data and operational systems. The ALPHV ransomware group has been known to exploit vulnerabilities in Windows operating systems and servers, exchange servers, and Secure Mobile Access products.

Mitigation Strategies

To mitigate the risk of ransomware attacks, companies should prioritize remediation of known exploited vulnerabilities, enable and enforce multifactor authentication with strong passwords, close unused ports, and remove applications not deemed necessary for day-to-day operations. Companies should also regularly take inventory of assets and data to identify authorized and unauthorized devices and software, and prioritize the patching of high-severity vulnerabilities.

The attack on Ujhaz by the ALPHV ransomware group highlights the ongoing threat of ransomware to companies in the construction sector. Companies should remain vigilant and implement robust cybersecurity measures to protect against these types of attacks.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.