lockbit2 attacks M.C.S. Morandi S.r.l.

Incident Date:

January 7, 2022

World map



lockbit2 attacks M.C.S. Morandi S.r.l.


M.C.S. Morandi S.r.l.




Mazzano, Italy

Brescia, Italy

First Reported

January 7, 2022

M.C.S. Morandi S.r.l. Targeted by Lockbit2 Ransomware Group

M.C.S. Morandi S.r.l., a company specializing in the design and construction of injection moulds, has been targeted by the ransomware group Lockbit2. The company, which has been in operation for 60 years, operates in the manufacturing sector and serves various industries, including automotive, agriculture, commercial and industrial vehicles, household appliances, furniture, electronics, and lighting.

The Lockbit2 ransomware group, known for its aggressive tactics, has claimed responsibility for the attack on M.C.S. Morandi S.r.l.'s website, which is currently operational. The company's website provides information on their services, including the design and construction of injection moulds using modern technologies, and their ability to assist clients from the initial concept to the complete realization of the mould.

The attack on M.C.S. Morandi S.r.l. is part of a broader trend of ransomware attacks targeting various sectors, including critical infrastructure, healthcare, and financial institutions. The Lockbit2 group, in particular, has been active in deploying ransomware variants and negotiating ransom amounts with victims.

The company's vulnerability to such an attack may be attributed to the increasing sophistication of ransomware groups and their ability to exploit weaknesses in computer systems. As the cybersecurity landscape continues to evolve, it is crucial for organizations to implement robust security measures to protect against such threats.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.