Dunghill Leak attacks Incredible Technologies

ncredible Technologies, a US-based video game developer and manufacturer, has been hit with a ransomware attack. Dunghill Leak ransomware group has claimed responsibility for the attack, posting Incredible Technologies on its dark web blog page on May 29. The ransomware group claims to have stolen 500GB of company data, including binaries and source codes for 58 slot machine games, documentation, and confidential data. Stolen data also includes source files for application development, SolidWorks drawings, schematics, 3D models, parts lists for game stations, and accounting and tax reports from 2011-2022. Dunghill Leak is thought to be a rebrand of an older ransomware gang known as Dark Angels, which was first identified in May 2022. The group deploys the Babuk ransomware variant, which attempts to inhibit system recovery and terminate any process that could interfere with the encryption process. Incredible Technologies, headquarted in Illinois, US, develops and manufactures coin-operated and Class III video games and employs roughly 200 people. The company has neither confirmed nor denied the incident. Ransomware attacks typically involve threat groups encrypting an organization’s data and demanding a ransom for the decryption key. Cybercriminals typically target organizations that will suffer greatly from stolen data or downtime, and that can afford to pay ransoms.