lockbit2 attacks danubius-exim.r...

Incident Date:

March 20, 2022

World map

Overview

Title

lockbit2 attacks danubius-exim.r...

Victim

danubius-exim.r...

Attacker

Lockbit2

Location

Bucure, Romania

Bucure, Romania

First Reported

March 20, 2022

Danubius Exim Ransomware Attack

Danubius Exim, a Romanian company specializing in fiscal equipment, has been targeted by the ransomware group Lockbit2. The attack was announced on the group's dark web leak site, and the victim's website is https://www.danubius.org/. The company operates in the Agriculture sector and has been in business for over 30 years, focusing on innovation, education, and digitalization in the fiscal domain.

Company Overview

Danubius Exim is one of the pioneers in the Romanian market for fiscal equipment, playing an active role in shaping fiscal legislation and implementing it correctly. Their mission is to lead in the areas of information, education, and digitalization in the local fiscal sector, which has earned them a reputation for excellence and trust among employees, partners, and clients. The company's brand is known for its innovative and powerful character, and it values qualities such as exigency, courage, transparency, and the ability to educate partners in various areas of fiscal application.

Products and Services

Danubius Exim offers a range of solutions for inventory management, courier services, retail, transport, and ticketing. Their products are designed to streamline processes and provide practical benefits, such as the use of Infinea Tab and Linea Pro for inventory management. They have adapted their portfolio to the current context and offer mobile solutions for courier companies, incorporating the latest technologies. For retail and transport, they provide intelligent and modern solutions to simplify inventory management, leveraging the advantages of Infinea Tab and Linea Pro.

Vulnerabilities and Targeting

The ransomware attack on Danubius Exim highlights the need for robust cybersecurity measures in the fiscal sector. As a company that deals with sensitive financial data, Danubius Exim may have been targeted due to its potential value to threat actors. The attack could have been facilitated by vulnerabilities in the company's IT infrastructure, such as outdated software, weak passwords, or insufficient employee training on cybersecurity best practices.

The incident serves as a reminder that all organizations, regardless of their size or industry, are at risk of cyber attacks. It is crucial for companies to invest in cybersecurity measures, such as regular software updates, strong password policies, and employee training, to minimize the risk of falling victim to ransomware attacks.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.