conti attacks Iwis Group

Incident Date:

January 3, 2022

World map



conti attacks Iwis Group


Iwis Group




Veneto, Italy

Treviso, Italy

First Reported

January 3, 2022

IWIS Group Suffers Ransomware Attack

The Italian holding company IWIS Group, known for its innovative approach to building products, civil engineering, and geotechnics, has been targeted by the ransomware group Conti. The attack was announced on the group's dark web leak site, and the victim's website was affected.

IWIS Group, with its headquarters in Italy, operates in the Holding Companies & Conglomerates sector and has a global presence, with 13 factories, 18 branches, distributors, and dealers in 96 countries worldwide. The company is recognized for its focus on technological and organizational innovation, as well as its commitment to sustainability and the environment.

The ransomware attack on IWIS Group is a reminder of the increasing threat posed by cybercriminals to businesses across all sectors. Ransomware attacks typically involve encrypting a victim's files and demanding a ransom payment in exchange for the decryption key. In the case of IWIS Group, the attack could potentially disrupt their operations, lead to financial losses, and damage their reputation.

While the specific details of the attack are not yet available, it is crucial for organizations to take proactive measures to protect themselves from ransomware attacks. This includes maintaining up-to-date software, employing robust cybersecurity measures, and implementing a data backup and recovery plan.

The Conti ransomware group has been active since 2019 and has been responsible for several high-profile attacks, including the Colonial Pipeline attack in 2021. The group is known for its aggressive tactics and has been linked to the REvil ransomware, which affected up to 1,500 organizations.

As the threat of ransomware attacks continues to grow, it is essential for businesses to remain vigilant and take appropriate measures to safeguard their digital assets.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.