LockBit 3.0 Ransomware Attack on Cargo Consolidators Agency Limited
Incident Date:
May 9, 2024
Overview
Title
LockBit 3.0 Ransomware Attack on Cargo Consolidators Agency Limited
Victim
Cargo Consolidators Agency Limited
Attacker
Lockbit3
Location
First Reported
May 9, 2024
Ransomware Attack on Cargo Consolidators Agency Limited
Victim Profile
Cargo Consolidators Agency Limited, based in Trinidad and Tobago, is a comprehensive freight forwarding, logistics, and consolidation company established in 1976. They serve the expanding manufacturing, petroleum, and energy sectors in the region, offering a wide range of freight forwarding and logistics services, including containerized cargo, bulk shipping, and specialized cargo handling. Their long history in the industry and diverse range of services make them a key player in facilitating trade and logistics in the region.
Attack Details
Cargo Consolidators Agency Limited's website, cargotrinidad.com, was compromised in a ransomware attack by LockBit 3.0. During the breach, 145 GB of data, including sensitive information such as banking and financial details, invoices, audits, and personally identifiable information, was exfiltrated. A sample of the leaked data was made available on the dark web leak site associated with the ransomware group.
Ransomware Group: LockBit 3.0
LockBit 3.0, also known as LockBit Black, is a Ransomware-as-a-Service (RaaS) group that has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations. The group is known for its advanced encryption techniques, obfuscation methods, and the ability to move laterally through networks to cover its tracks. LockBit 3.0 has been used in high-profile attacks against major companies globally, making it a significant threat in the cybersecurity landscape.
LockBit May Attacks
This ransomware attack on Cargo Consolidators Agency Limited is part of the May 2024 attacks by LockBit 3.0. Following the disruption of its infrastructure during "Operation Cronos," LockBit resurfaced with vigor, targeting over 50 victims within hours of reactivating its platform. The group's ability to regroup and strike back efficiently raises concerns about current strategies' adequacy in combating cybercrime. LockBit's recent activities have targeted diverse industries globally, emphasizing the need for enhanced international cooperation and proactive measures to counter such cybercriminal syndicates effectively.
Sources:
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.