lockbit2 attacks ASG Courtage
Incident Date:
February 19, 2022
Overview
Title
lockbit2 attacks ASG Courtage
Victim
ASG Courtage
Attacker
Lockbit2
Location
First Reported
February 19, 2022
ASG Courtage Suffers Ransomware Attack by Lockbit2 Group
ASG Courtage, a prominent entity in the mortgage financing and real estate sectors, recently fell victim to a ransomware attack orchestrated by the Lockbit2 group. This incident was disclosed on the group's dark web leak site, highlighting the ongoing threats faced by companies operating within the Finance sector. ASG Courtage is renowned for its innovative online tools designed to assist users in calculating mortgage rates and simulating loan payments.
Company Overview
ASG Courtage's core mission is to facilitate clients in securing the most advantageous mortgage rates and guiding them through the property acquisition process. Their service portfolio encompasses project definition assistance, broker meetings, and mortgage signing support, catering to a broad spectrum of client needs in the real estate domain.
Industry Standout
The company distinguishes itself by offering a user-centric platform that enables prospective homeowners to accurately calculate mortgage rates and simulate loan payments. This approach empowers users to make well-informed decisions regarding their mortgage options, setting ASG Courtage apart in the competitive landscape.
Vulnerabilities
While the specific vulnerabilities exploited in the attack on ASG Courtage by Lockbit2 remain undisclosed, it is widely acknowledged that ransomware groups frequently target software flaws, outdated systems, and human errors, such as susceptibility to phishing schemes or the use of weak passwords.
Ransomware Attacks in 2023
The year 2023 has witnessed a marked escalation in ransomware attacks, with the period from January to May seeing an unprecedented average of 31 reported victims per month. Among the perpetrators, the Hive ransomware group stands out, having targeted over 1,500 victims globally and extorted more than $100 million in ransom payments through its ransomware-as-a-service (RaaS) model.
Mitigation Strategies
To counter the threat of ransomware attacks, it is imperative for organizations to adopt comprehensive cybersecurity practices. These include conducting regular software updates, providing employee training on security awareness, and maintaining robust backup systems. Furthermore, having a well-defined incident response plan and promptly reporting any attacks to relevant authorities are critical steps in mitigating the impact of such security breaches.
Sources
- ASG Courtage Website
- Spin.AI Ransomware Tracker 2024. Available at https://spin.ai/ransomware-tracker/
- U.S. Department of Justice Disrupts Hive Ransomware Variant. Available at https://www.justice.gov/opa/pr/department-justice-disrupts-hive-ransomware-variant
- CISA: #StopRansomware: Royal Ransomware. Available at https://www.cisa.gov/stopransomware/royal-ransomware
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.