Kharafi Global Hit by LockBit3 Ransomware Attack
Incident Date:
May 27, 2024
Overview
Title
Kharafi Global Hit by LockBit3 Ransomware Attack
Victim
Kharafi Global
Attacker
Lockbit3
Location
First Reported
May 27, 2024
Ransomware Attack on Kharafi Global by LockBit3
Company Profile
Kharafi Global is a professional support services company known for offering a wide range of services, including facility management, construction project support, and various value-added services. The company emphasizes its commitment to customer service and stability, backed by an experienced team of consultants and technicians. The registered company name is Al Kharafi Global General Trading & Contracting Co. WLL. Kharafi Global distinguishes itself with comprehensive service offerings that cater to various industries in Kuwait and the Middle East. The company's focus on facility management and construction project support sets it apart in the industry.
The exact size of the company is not explicitly mentioned in the available sources. However, given its diverse service offerings and presence in multiple industries, Kharafi Global is likely a medium to large-sized company. While the company's revenue is not publicly disclosed, Kharafi Global likely generates significant revenue from its diverse range of projects and clients, reflecting its well-established position in the market.
Ransomware Attack Overview
The LockBit3 ransomware group targeted kharafiglobal.com on May 27, 2024, at 7:07:18, resulting in a successful breach of the company's systems. Sample data was released, indicating the severity of the attack.
Ransomware Group Profile
LockBit3, also known as LockBit Black, is an evolution of the LockBit ransomware group. Known for its advanced and dangerous ransomware threats, LockBit3 employs techniques such as encrypting files, modifying filenames, changing desktop wallpapers, and dropping ransom notes on victims' desktops. The ransomware is heavily obfuscated and protected against analysis, making it challenging for security researchers to study.
LockBit3 utilizes advanced encryption and obfuscation techniques, is capable of lateral movement within networks, deletes traces of its presence to evade detection, operates under a Ransomware-as-a-Service (RaaS) model, and targets a wide range of organizations globally.
Company Vulnerabilities
Kharafi Global's extensive service offerings and large client base may have made it an attractive target for threat actors like LockBit3. The company's involvement in financial operations and valuable data management could have exposed vulnerabilities that the ransomware group exploited. The ransomware attack by LockBit3 on Kharafi Global led to the leak of sample data, indicating a significant breach of the company's systems. This incident underscores the sophisticated tactics employed by LockBit3 to infiltrate and compromise organizational networks.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.