DragonForce Strikes: Ransomware Attack on RIGCON PTY. LTD.

Incident Date:

April 21, 2024

World map

Overview

Title

DragonForce Strikes: Ransomware Attack on RIGCON PTY. LTD.

Victim

RIGCON PTY. LTD.

Attacker

Dragonforce

Location

Victoria, Australia

, Australia

First Reported

April 21, 2024

Ransomware Attack on RIGCON PTY. LTD. by DragonForce

Attack Overview

RIGCON PTY. LTD., an Australian engineering services company, was recently targeted in a ransomware attack by the cybercrime group DragonForce. The attack involved the exfiltration of approximately 2.72 GB of data from their systems.

Company Profile

The company specializes in rotor blade maintenance and height safety solutions. The company employs between 51-200 individuals and reported an annual revenue of $4 million in 2023. They are recognized for its comprehensive services in training, servicing, repairing, installing, and inspecting height safety systems, making it a notable entity in the engineering services sector.

Vulnerabilities and Industry Standing

RIGCON's prominence in the niche market could make it an attractive target for cybercriminals looking to exploit specialized industrial knowledge and client data. The size of the company and its significant role in safety-critical services potentially increases its risk profile, as disruptions could lead to severe consequences in client operations and safety standards.

Ransomware Threat: DragonForce

DragonForce is known for its double extortion tactics, involving data encryption and the threat of data leakage to extort ransom from its victims. This group has been active since late 2023 and has been involved in several high-profile attacks across different sectors. The use of a leaked ransomware builder from another notorious group, LockBit, suggests a high level of sophistication and adaptability in their operations.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.