LockBit 3.0 Ransomware Attack on Syntax Architektur

Incident Date:

May 7, 2024

World map

Overview

Title

LockBit 3.0 Ransomware Attack on Syntax Architektur

Victim

Syntax Architektur

Attacker

Lockbit3

Location

Klosterneuburg, Austria

, Austria

First Reported

May 7, 2024

Ransomware Attack on Syntax Architektur by LockBit 3.0

Overview

An architectural firm based in Klosterneuburg, Austria, Syntax Architektur ZT, was targeted by the cybercrime group LockBit 3.0 in a ransomware attack. The company's website was compromised in the attack.

Company Profile

Syntax Architektur is a company that focuses on creating personalized architectural designs that reflect the individuals living in them. They prioritize coherence, durability, and everyday aesthetics over trends, aiming to provide unique and rooted designs. The company emphasizes the importance of finding coherent solutions to project-specific questions rather than following trends. They value durability, identification, and appreciation in design, highlighting the significance of using materials that age gracefully over time. Syntax Architektur has been utilizing Building Information Modeling (BIM) for planning for the past 15 years, showcasing a commitment to innovative approaches in architecture.

Vulnerabilities

Being targeted by threat actors like LockBit 3.0, Syntax Architektur may have vulnerabilities in their cybersecurity defenses that allowed the ransomware group to penetrate their systems. The use of outdated software, lack of robust cybersecurity measures, or employee negligence could have contributed to the successful attack on the company.

Ransomware Group Distinction

LockBit 3.0 is an evolution of the LockBit ransomware group, known for its advanced encryption techniques and obfuscation methods. The group operates under a Ransomware-as-a-Service (RaaS) model, allowing other cybercriminals to use their malware for attacks. LockBit 3.0 has been used to target a wide range of organizations globally, showcasing its capabilities in infiltrating and encrypting data across various devices and operating systems.

Sources:

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.