MH Group Suffers Ransomware Attack by BlackBasta

MH Group, a company operating in the Energy, Utilities & Waste sector, has been targeted by the ransomware group BlackBasta. The attack was announced on the group's dark web leak site, and the victim's website is grupmh.com. MH Group is a Spanish company that provides energy solutions for industrial and domestic use, as well as for the tertiary sector, including industries, sports facilities, offices, public buildings, hotels, restaurants, and educational institutions.

The company has over 500 contracts for maintenance in the industrial and tertiary sectors and serves more than 50,000 homes each year. MH Group's services are designed to offer the best service by adapting to each type of client, and they have a presence in various sectors, including solar energy, heating, and cooling systems, and energy efficiency.

The vulnerabilities that led to the attack are not explicitly mentioned in the search results. However, it is known that ransomware groups often exploit unpatched vulnerabilities in software and hardware to gain access to systems. In the case of BlackBasta, they have been known to exploit Citrix vulnerabilities, such as CVE-2023-4966, which was first exploited in October 2023.

The ransomware attack on MH Group is part of a broader trend of cybercriminal activity targeting various sectors, including corporate America, where ransomware groups have carried out more than 1,400 attacks since January 2020, collecting tens of millions of dollars in ransom payments. The attack on MH Group underscores the need for organizations to improve their cybersecurity defenses and implement robust security protocols to protect against such threats.

Sources

• GRUP mh | Soluciones energéticas para el sector industrial y doméstico
• Ransomware groups rack up victims among corporate America - No URL found
• WannaCry ransomware attack - Wikipedia
• Ransomware Tracker 2024: Recent Ransomware Attacks - Spin.AI
• Ransomware Attack List and Alerts - Cloudian