Elaraby Group Targeted by LockBit 3.0 Ransomware
Incident Date:
May 7, 2024
Overview
Title
Elaraby Group Targeted by LockBit 3.0 Ransomware
Victim
Eleraby Group
Attacker
Lockbit3
Location
First Reported
May 7, 2024
Ransomware Attack on Elaraby Group by LockBit 3.0
Victim Profile
Elaraby Group, a leading Egyptian company founded in 1964, operates in the fields of electronics, home appliances, and kitchen appliances. With a strong presence in the local market and expansion into other countries in the region, Elaraby Group offers a wide range of products including televisions, refrigerators, washing machines, and air conditioners. The company provides after-sales services and support for its products.
With 51-200 employees, the company has grown from a joint stock family enterprise to one of the largest industrial and commercial corporations in Egypt and the Middle East.
Vulnerabilities and Targeting
Their prominence in the electronics and home appliances industry makes it an attractive target for threat actors like the LockBit 3.0 ransomware group. The company's extensive operations and customer base could have made it vulnerable to cyberattacks, leading to the successful breach by LockBit 3.0.
LockBit 3.0 Ransomware Group
The LockBit 3.0 ransomware group, an evolution of the LockBit group, is known for its advanced capabilities and evasive tactics. Operating under a Ransomware-as-a-Service model, LockBit 3.0 encrypts files, modifies filenames, changes desktop wallpapers, and drops ransom notes on victims' desktops. The ransomware is highly obfuscated, making it challenging for security researchers to analyze and defend against.
h2>LockBit May Attacks
LockBit 3.0, a cybercriminal group, resurfaced with vigor in May 2024 following the disruption of its infrastructure in February during "Operation Cronos," a collaborative effort by international law enforcement agencies. Despite arrests and the dismantling of its data leak site, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. These assaults spanned various sectors and countries, showcasing LockBit's global reach and adaptability. The group's resurgence prompts scrutiny of law enforcement's effectiveness in combating cybercrime and highlights the necessity for enhanced international cooperation to tackle such syndicates effectively.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.