Ransomware Attack on Cultivar by LockBit 3.0

Company Profile

Cultivar is a Brazilian company specializing in the import and export of agricultural products, including fertilizers, pesticides, seeds, and biological products. The company has an experienced administrative and commercial team and a wide portfolio of suppliers in the agriculture and livestock sectors. Cultivar's registered name is Cultivar S.A.U., and it is headquartered in Formosa, Goiás, Brazil. The company has between 11 and 50 employees. Cultivar stands out for providing innovative services such as logistics solutions, strict quality controls, and a wide range of fresh, quality fruits and vegetables. They also use unique ripening and storage techniques to ensure product quality.

Attack Details

The cyberattack on Cultivar was carried out by the LockBit 3.0 ransomware. The attackers successfully encrypted the company's data, rendering it inaccessible. It is believed that the attackers intended to extort a ransom from the company in exchange for the decryption key.The group has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations globally. LockBit 3.0 is considered one of the most dangerous and disruptive ransomware threats currently active, with advanced infection capacities and customization options.

LockBit May Attacks

This ransomware attack on Cultivar is part of the May 2024 attacks by LockBit 3.0. The cybercriminal group resurfaced with vigor following the disruption of its infrastructure in February during "Operation Cronos." Despite arrests and the dismantling of its data leak site, LockBit swiftly returned, targeting over 50 victims within hours of reactivating its platform. The group's recent activities targeted diverse industries globally, showcasing its global reach and adaptability.

Sources:

• Cultivar Website
• VMware Blog
• SentinelOne
• Times of India
• Wazuh Blog