hiveleak attacks Ningbo Dechang Electric Machinery Manufacturing Co., Ltd.

Incident Date:

February 25, 2022

World map



hiveleak attacks Ningbo Dechang Electric Machinery Manufacturing Co., Ltd.


Ningbo Dechang Electric Machinery Manufacturing Co., Ltd.




Trang bom, Vietnam

Bong Nai, Vietnam

First Reported

February 25, 2022

Ningbo Dechang Electric Machinery Manufacturing Co., Ltd. Ransomware Attack

Ningbo Dechang Electric Machinery Manufacturing Co., Ltd., a prominent enterprise based in Ningbo, China, has recently fallen victim to a ransomware attack orchestrated by the group known as Hiveleak. Specializing in the production of electric motors and household vacuum cleaners, the company has carved out a significant niche for itself, particularly in the European and American markets.

The company's official website, which can be found at, offers a comprehensive overview of their product lineup, notable achievements, and subsidiary ventures. Among these ventures is Ningbo Dechang Technology Co., Ltd., an initiative aimed at fostering the development of a digital workshop and the realization of an intelligent factory.

Despite its considerable success, Ningbo Dechang has not been immune to cyber threats, as evidenced by the recent attack by Hiveleak. The ransomware group made its actions known through an announcement on its dark web leak site, revealing that it had successfully compromised the company's systems and was demanding a ransom in exchange for the decryption of the seized data.

The company's infrastructure is extensive, with a workshop area spanning 135 Mu and a building area of 150,000 square meters. It has been acknowledged as a municipal high-tech enterprise and has ventured into the family health care industry with a diversified product range.

The specific vulnerabilities exploited in this attack have not been disclosed. However, it is widely understood that ransomware attacks typically leverage flaws in software, outdated systems, or human error, such as susceptibility to phishing attempts. To counteract these threats, companies are advised to adopt comprehensive cybersecurity strategies that include regular software updates, thorough employee training, and the implementation of multi-factor authentication.

This incident underscores the pervasive nature of cyber threats and highlights the importance of prioritizing cybersecurity measures to safeguard data and operational integrity.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.