Cine Albeniz Hit by LockBit 3.0 Ransomware Attack

Incident Date:

May 9, 2024

World map

Overview

Title

Cine Albeniz Hit by LockBit 3.0 Ransomware Attack

Victim

Cine Albeniz

Attacker

Lockbit3

Location

Madrid, Spain

, Spain

First Reported

May 9, 2024

Ransomware Attack on Cine Albeniz by LockBit 3.0

Overview

Cine Albeniz, a company based in Spain, was targeted in a cyber attack by LockBit 3.0, a cybercrime group. The attack utilized ransomware, compromising the website cinealbeniz.com. During the breach, 162 GB of data, including banking information, invoices, agreements, and more, was extracted. A sample of the leaked data was made available. The attack has caused significant damage to the company's reputation and financial stability. The company is currently working with cybersecurity experts to investigate the breach and mitigate any further damage.

Company Profile

Located in Madrid, Spain, Cine Albéniz operates in the Media & Internet sector, specifically providing information about movies, including their schedules and descriptions. The company's focus on Spanish-speaking films sets it apart, offering multiple languages and subtitles for different screenings. Showcasing films from regions like Germany, France, and Italy, Cine Albéniz demonstrates a global focus on international cinema.

Catering to a niche audience interested in foreign films, Cine Albéniz stands out for its diverse film selection and multilingual approach, providing a unique movie-watching experience for patrons. However, the recent ransomware attack by LockBit 3.0 exposed vulnerabilities in the company's online presence.

Ransomware Group Details

Evolved from previous versions, LockBit 3.0, also known as LockBit Black, operates as a Ransomware-as-a-Service (RaaS) group. The group's advanced capabilities include encrypting files, modifying filenames, changing desktop wallpapers, and dropping ransom notes on victims' desktops. LockBit 3.0's high level of obfuscation and protection against analysis pose challenges for security researchers.

Possibly gaining access through phishing emails, unpatched software vulnerabilities, or weak network security, LockBit 3.0 likely used its affiliate-based ransomware approach to encrypt files and exfiltrate sensitive data from Cine Albéniz's systems, compromising the victim's website and leaking confidential information.

LockBit May Attacks

This entry is part of the May 2024 attacks by LockBit 3.0, the ransomware attack on Cine Albeniz follows the group's resurgence after "Operation Cronos" disrupted its infrastructure in February. Despite law enforcement actions, LockBit quickly resumed operations, targeting over 50 victims shortly after reactivating its platform. The group's recent activities have impacted various industries globally, underscoring the importance of international cooperation and proactive cybersecurity measures against cybercrime.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.