Ferraro Group Hit by Ransomware Attack: 210 GB Data at Risk by Hunters International

Incident Date:

August 19, 2024

World map

Overview

Title

Ferraro Group Hit by Ransomware Attack: 210 GB Data at Risk by Hunters International

Victim

Ferraro Group

Attacker

Hunters International

Location

Ariano Irpino, Italy

, Italy

First Reported

August 19, 2024

Ransomware Attack on Ferraro Group by Hunters International

Ferraro Group, a prominent Italian manufacturer specializing in sectional doors and rolling shutters, has recently fallen victim to a ransomware attack orchestrated by the Hunters International group. The attackers claim to have exfiltrated 210 GB of sensitive data and have threatened to publish this data within the next two days if their demands are not met.

About Ferraro Group

Founded in 1983 by Angelo Ferrara, Ferraro Group has established itself as a leader in the manufacturing of high-quality closure systems, including sectional doors, rapid roll-up doors, fire doors, and large shutters. The company operates in both national and international markets, serving various sectors such as residential, commercial, and industrial. With a workforce of approximately 70 employees, Ferraro Group is headquartered in Ariano Irpino, Italy. The company's commitment to innovation, quality, and customer satisfaction has made it a key player in the closures market.

Attack Overview

The ransomware group Hunters International has claimed responsibility for the attack on Ferraro Group. According to the attackers, they have infiltrated the company's systems and exfiltrated 210 GB of sensitive data. The group has issued a threat to publish this data within the next two days if their ransom demands are not met. This attack highlights the vulnerabilities that even well-established companies like Ferraro Group face in the ever-evolving landscape of cyber threats.

About Hunters International

Hunters International is a Ransomware-as-a-Service (RaaS) group that emerged in Q3 of 2023, shortly after the disruption of the notorious Hive ransomware group. The group's ransomware code contains significant overlap with Hive's, suggesting a shared technical lineage. Hunters International focuses on exfiltrating data and extorting victims with ransom demands. The group has been detected targeting victims across various regions, including the US, UK, Germany, and Namibia.

Penetration and Distinguishing Features

Hunters International's techniques and operational strategies resemble those of the Hive ransomware, indicating they may have inherited or adapted Hive's encryption methods and tactics. The group has been known to use sophisticated methods to conceal their true origins, making it difficult to definitively determine their location and leadership. The attack on Ferraro Group underscores the importance of comprehensive cybersecurity measures, as even companies with a strong market presence and commitment to quality can fall prey to such threats.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.