MadLiberator Ransomware Attack Disrupts Crosswear Trading Ltd Operations
Incident Date:
July 17, 2024
Overview
Title
MadLiberator Ransomware Attack Disrupts Crosswear Trading Ltd Operations
Victim
Crossweare Trading LTD
Attacker
Mad Liberator
Location
First Reported
July 17, 2024
Ransomware Attack on Crosswear Trading Ltd by MadLiberator
Overview of Crosswear Trading Ltd
Crosswear Trading Ltd, a UK-based wholesale supplier of party supplies, greetings cards, and balloons, has been a trusted name in the retail sector since 1972. Originally trading as Cross Cash and Carry, the company rebranded to Crosswear Trading Ltd in 1974. They offer a wide range of products, including themed partyware, pocket money toys, and disposable catering items, catering to gift shops, partyware stores, and event planners. Known for their competitive trade prices and reliable delivery services, Crosswear Trading Ltd has established a solid reputation in the industry.
Details of the Ransomware Attack
On July 17, 2024, Crosswear Trading Ltd fell victim to a ransomware attack orchestrated by the notorious MadLiberator group. The extent of the data breach remains unknown, but the attack has raised significant concerns about the security of sensitive information and potential operational disruptions. Investigations are ongoing to assess the full impact and implement measures to prevent future incidents.
About MadLiberator Ransomware Group
MadLiberator is a well-known ransomware group recognized for its targeted attacks on various organizations worldwide. They employ sophisticated encryption methods, specifically AES/RSA, to lock victim files and use aggressive extortion tactics. The group has recently gained attention for high-profile operations, including an attack on the Italian Ministry of Culture. MadLiberator distinguishes itself by threatening legal repercussions under regulations like GDPR and CCPA and intimidating victims with the potential misuse of stolen data for fraudulent purposes.
Potential Vulnerabilities and Penetration Methods
While the exact method of penetration in the Crosswear Trading Ltd attack is not yet confirmed, ransomware groups like MadLiberator often exploit vulnerabilities such as outdated software, weak passwords, and lack of multi-factor authentication. Companies in the retail sector, like Crosswear Trading Ltd, which handle large volumes of sensitive customer data, are particularly attractive targets for ransomware attacks. Ensuring robust cybersecurity measures is crucial to mitigate such risks.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.