DreamWall NV Targeted: Akira Ransomware Attack
Incident Date:
May 30, 2024
Overview
Title
DreamWall NV Targeted: Akira Ransomware Attack
Victim
DreamWall NV
Attacker
Akira
Location
First Reported
May 30, 2024
Ransomware Attack on DreamWall NV by Akira Group
Company Profile
DreamWall NV is a Belgian animation studio that specializes in creating high-quality 3D animations for various industries, including film, television, and advertising. The company is renowned for its expertise in delivering projects efficiently and effectively.
Company Size
Although the exact size of DreamWall NV is not explicitly mentioned in available sources, it can be inferred that they are a medium-sized company based on the scope of their projects and the number of employees.
Company Standout
DreamWall NV stands out in the industry for its ability to create high-quality 3D animations and deliver projects with remarkable efficiency. The company has been nominated for prestigious awards, showcasing their excellence in animation production.
Company Vulnerabilities
As an animation studio, DreamWall NV may have been targeted by threat actors like the Akira ransomware group due to the valuable intellectual property and sensitive data they hold. Their reliance on digital assets and online communication channels could have increased their susceptibility to cyber attacks.
Attack Overview
The Akira ransomware group targeted DreamWall NV, leaking 150 GB of personal data, medical files, contracts, agreements with other companies, and financial data. This breach has exposed sensitive information and poses a significant risk to the company's operations and reputation.
Ransomware Group Profile
The Akira ransomware group is a rapidly growing threat known for targeting small to medium-sized businesses across various sectors. Utilizing double extortion tactics, they steal data before encrypting systems and then demand ransom for decryption and data deletion. Akira's unique dark web leak site and evolving tactics make them a formidable adversary in the cybersecurity landscape.
Penetration Methods
Akira group may have infiltrated DreamWall NV's systems through unauthorized access to VPNs, credential theft, and lateral movement to deploy the ransomware. Their use of tools like RClone, FileZilla, and WinSCP for data exfiltration indicates a sophisticated approach to cyber attacks. Additionally, the group's affiliation with the Conti ransomware gang suggests a high level of expertise in exploiting vulnerabilities.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.