arvinclub attacks Al Bijjar

Incident Date:

April 21, 2022

World map



arvinclub attacks Al Bijjar


Al Bijjar




Sharjah, United Arab Emirates

Sharjah, United Arab Emirates

First Reported

April 21, 2022

Al Bijjar Ransomware Attack

Al Bijjar, a prominent entity in the Energy, Utilities & Waste sector, recently fell victim to a ransomware attack orchestrated by the Arvinclub group. This incident was publicly disclosed on the group's dark web leak site. Although the company's official website, located at, offers limited insights into its operational scale or industry specialization, it is noted for utilizing Plesk—a comprehensive control panel for web server, website, and web application management.

Arvinclub's modus operandi involves encrypting files on the targeted device and subsequently demanding a ransom for their decryption. This group has demonstrated a particular interest in the healthcare sector, executing a notable attack on Change Healthcare, a subsidiary of Optum and UnitedHealth Group, in 2023. The assault on Al Bijjar underscores a continuing pattern of ransomware campaigns against diverse sectors, with healthcare emerging as a recurrent target.

The repercussions of ransomware attacks for affected organizations are profound, encompassing operational downtime, recovery expenditures, and the potential for irreversible data loss. In 2022, a staggering 71% of global organizations reported experiencing at least one ransomware attack, with the average total cost of such incidents estimated at $4.3 million. To counteract the threat of ransomware, it is imperative for organizations to adhere to exemplary cyber hygiene practices. These include conducting regular vulnerability assessments, timely software updates and patches, and the creation of offline, encrypted data backups.

The ransomware attack on Al Bijjar serves as a stark reminder of the persistent cyber threats facing various industries. It is crucial for organizations to maintain heightened vigilance and deploy comprehensive cybersecurity strategies to safeguard against these risks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.