MadLiberator Ransomware Attack Disrupts Crosswear Trading Ltd Operations

Incident Date:

July 17, 2024

World map

Overview

Title

MadLiberator Ransomware Attack Disrupts Crosswear Trading Ltd Operations

Victim

Crossweare Trading LTD

Attacker

Mad Liberator

Location

Enfield, United Kingdom

, United Kingdom

First Reported

July 17, 2024

Ransomware Attack on Crosswear Trading Ltd by MadLiberator

Overview of Crosswear Trading Ltd

Crosswear Trading Ltd, a UK-based wholesale supplier of party supplies, greetings cards, and balloons, has been a trusted name in the retail sector since 1972. Originally trading as Cross Cash and Carry, the company rebranded to Crosswear Trading Ltd in 1974. They offer a wide range of products, including themed partyware, pocket money toys, and disposable catering items, catering to gift shops, partyware stores, and event planners. Known for their competitive trade prices and reliable delivery services, Crosswear Trading Ltd has established a solid reputation in the industry.

Details of the Ransomware Attack

On July 17, 2024, Crosswear Trading Ltd fell victim to a ransomware attack orchestrated by the notorious MadLiberator group. The extent of the data breach remains unknown, but the attack has raised significant concerns about the security of sensitive information and potential operational disruptions. Investigations are ongoing to assess the full impact and implement measures to prevent future incidents.

About MadLiberator Ransomware Group

MadLiberator is a well-known ransomware group recognized for its targeted attacks on various organizations worldwide. They employ sophisticated encryption methods, specifically AES/RSA, to lock victim files and use aggressive extortion tactics. The group has recently gained attention for high-profile operations, including an attack on the Italian Ministry of Culture. MadLiberator distinguishes itself by threatening legal repercussions under regulations like GDPR and CCPA and intimidating victims with the potential misuse of stolen data for fraudulent purposes.

Potential Vulnerabilities and Penetration Methods

While the exact method of penetration in the Crosswear Trading Ltd attack is not yet confirmed, ransomware groups like MadLiberator often exploit vulnerabilities such as outdated software, weak passwords, and lack of multi-factor authentication. Companies in the retail sector, like Crosswear Trading Ltd, which handle large volumes of sensitive customer data, are particularly attractive targets for ransomware attacks. Ensuring robust cybersecurity measures is crucial to mitigate such risks.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.