LockBit3 Ransomware Strikes Cafe Novell SA
Incident Date:
May 27, 2024
Overview
Title
LockBit3 Ransomware Strikes Cafe Novell SA
Victim
Cafe Novell SA
Attacker
Lockbit3
Location
First Reported
May 27, 2024
LockBit3 Ransomware Attack on Cafe Novell SA
Company Overview
Cafe Novell SA, a Spanish company founded in 1958, specializes in producing high-quality coffee products. They offer a variety of coffee blends, coffee machines, and accessories for both home and commercial use. The company is known for its commitment to sustainability and ethical sourcing practices, ensuring responsible and environmentally-friendly coffee production.
Company Size and Revenue
Cafe Novell employs more than 50 employees and generates an annual turnover of between 10 and 50 million euros.
Company Standout
Renowned for its dedication to sustainability, quality, and customer satisfaction, Cafe Novell has received certifications such as ISO 9001 for its production center and commercial offices. They collaborate with organizations like UTZ Certified and Fair Trade to promote responsible coffee farming and consumption.
Victim Vulnerabilities
As a key player in the coffee industry with a notable online presence, Cafe Novell SA may have been targeted by threat actors like the LockBit3 ransomware group due to the valuable customer data they possess. Their reliance on digital systems for operations and customer interactions could have made them susceptible to cyber attacks.
Attack Overview
The LockBit3 ransomware group targeted cafesnovell.com, resulting in the leakage of sample data. This attack likely involved encrypting files, modifying filenames, changing desktop wallpapers, and dropping ransom notes on the victim's desktop.
Ransomware Group Profile
The LockBit3 ransomware group, also known as LockBit Black, is an advanced Ransomware-as-a-Service (RaaS) group that has evolved from previous LockBit variants. It is considered one of the most dangerous and disruptive ransomware threats currently active, with features that make it difficult to analyze and defend against.
How the Ransomware Group Operates
Operating under a RaaS model, LockBit3 allows other cybercriminals to use their malware for attacks. The group has been actively recruiting affiliates and targeting a wide range of businesses and critical infrastructure organizations globally. Known for its advanced infection capacities, customization options, and evasive tactics, LockBit3 is challenging to detect and mitigate.
References
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.