Fractalia Group Hit by Hunters International Ransomware Attack
Incident Date:
August 6, 2024
Overview
Title
Fractalia Group Hit by Hunters International Ransomware Attack
Victim
Fractalia Group
Attacker
Hunters International
Location
First Reported
August 6, 2024
Ransomware Attack on Fractalia Group by Hunters International
Fractalia Group, a Spanish multinational company specializing in digital solutions and technological support services, has recently fallen victim to a ransomware attack orchestrated by the Hunters International ransomware group. The attack has significant implications for the company's operations and data security.
About Fractalia Group
Fractalia Group, officially registered as Fractalia Remote Systems S.L., is headquartered in Tres Cantos, Madrid. The company operates in the Business Services sector, providing a comprehensive range of digital solutions and technological support services to various industries, including telecommunications, energy, and retail. With over 15 years of experience and operations in 12 countries, Fractalia employs over 2,000 people globally, with approximately 470 based in Spain. The company is recognized for its innovative approach, leveraging Artificial Intelligence for IT Operations (AIOps) to enhance ICT operations.
Attack Overview
The ransomware attack on Fractalia Group was claimed by the Hunters International ransomware group via their dark web leak site. The attackers reportedly exfiltrated 153 GB of data, encompassing 372,710 files. This breach has exposed sensitive information and disrupted the company's operations, highlighting the growing threat of ransomware attacks on large organizations. Fractalia's extensive service portfolio, which includes managed services, technical support, cybersecurity, Wi-Fi solutions, and digital signage, makes it a valuable target for threat actors.
About Hunters International
Hunters International is a Ransomware-as-a-Service (RaaS) group that emerged in Q3 of 2023, shortly after the disruption of the notorious Hive ransomware group. The group's ransomware code contains approximately 60% overlap with samples of Hive ransomware, indicating a shared technical lineage. Hunters International's primary objective is to exfiltrate target data and subsequently extort victims with a ransom demand in exchange for the return of the stolen data. The group has been detected targeting victims across various regions, including the US, UK, Germany, and Namibia.
Penetration and Impact
While the exact method of penetration into Fractalia's systems remains unclear, it is likely that Hunters International exploited vulnerabilities in the company's cybersecurity defenses. The group's techniques and operational strategies resemble those of the Hive ransomware, suggesting they have inherited or adapted Hive's encryption methods and tactics. The attack on Fractalia underscores the importance of continuous monitoring and improvement of digital defenses.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.