Durham Manufacturing Hit by 305.9 GB Ransomware Attack

Incident Date: July 31, 2024

Overview

Victim: Durham Manufacturing

Attacker: Hunters International

Location: Durham, USA; Connecticut, USA

First Reported: July 31, 2024

Ransomware Attack on Durham Manufacturing by Hunters International

Durham Manufacturing, a well-established manufacturer specializing in industrial storage solutions, has fallen victim to a ransomware attack orchestrated by the Hunters International group. The attack, which has compromised 305.9 GB of sensitive data, poses significant risks to the company's operations and data security.

About Durham Manufacturing

Founded in 1922 and based in Durham, Connecticut, Durham Manufacturing Company is renowned for its durable and functional industrial storage solutions. The company serves various sectors, including manufacturing, warehousing, and distribution, with a product portfolio that includes industrial cabinets, shelving units, workbenches, and tool storage systems. Durham Manufacturing is recognized for its high standards of quality and innovation, maintaining a strong reputation in the industry.

With a workforce of approximately 11 to 50 employees, the company combines expertise with personalized service, catering to a diverse clientele from small businesses to large corporations. Its distribution network enables global shipping, ensuring timely delivery of products worldwide.

Attack Overview

The ransomware group Hunters International has claimed responsibility for the attack on Durham Manufacturing. The group alleges that they have infiltrated the company's systems and exfiltrated 305.9 GB of sensitive data. This breach could severely impact Durham Manufacturing's business continuity and customer trust, given the potential exposure of confidential information.

About Hunters International

Hunters International is a Ransomware-as-a-Service (RaaS) group that emerged in Q3 of 2023, following the disruption of the notorious Hive ransomware group. The group exhibits significant technical overlap with Hive, suggesting an evolution or offshoot of the dismantled operation. Their ransomware code contains approximately 60% overlap with Hive ransomware version 61, indicating a shared technical lineage.

Hunters International focuses on exfiltrating target data and extorting victims with ransom demands in exchange for the return of the stolen data. The group has targeted victims across various regions, including the US, UK, Germany, and Namibia, without a specific focus on particular industries. Investigations have revealed potential ties to Nigeria, although the group uses fake identities to conceal their true origins.

Penetration and Vulnerabilities

While specific details of how Hunters International penetrated Durham Manufacturing's systems have not been disclosed, common vulnerabilities in manufacturing companies include outdated software, insufficient cybersecurity measures, and a lack of employee training on phishing attacks. Given the technical sophistication of Hunters International, it is likely that the group exploited such vulnerabilities to gain access to Durham Manufacturing's sensitive data.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous and the most financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.