Medusa Ransomware Hits Norwegian Wood Distributor Fritzøe Engros

Incident Date:

September 19, 2024

World map

Overview

Title

Medusa Ransomware Hits Norwegian Wood Distributor Fritzøe Engros

Victim

Fritzøe Engros

Attacker

Medusa

Location

Larvik, Norway

, Norway

First Reported

September 19, 2024

Medusa Ransomware Group Targets Norwegian Wood Distributor Fritzøe Engros AS

Fritzøe Engros AS, a prominent Norwegian company specializing in the distribution of wood-based products, has fallen victim to a ransomware attack orchestrated by the Medusa ransomware group. The attackers have claimed responsibility for the breach via their dark web leak site, threatening to publish the compromised data within a week.

Company Profile

Fritzøe Engros AS, based in Larvik, Vestfold, Norway, is a key player in the wood products industry. The company, which operates under the business ID 979 778 341, is part of the Treschow Fritzøe conglomerate. With a workforce of approximately 50 to 99 employees, Fritzøe Engros generates an estimated annual revenue of around NOK 200 million (approximately USD 20 million). The company is renowned for its extensive range of wood-based products, including plywood, solid wood floors, and terrace materials. Their specialization in high-quality materials for luxury yachts, cruise ships, and work vessels sets them apart in the industry.

Attack Overview

The Medusa ransomware group has claimed to have infiltrated Fritzøe Engros' systems, gaining access to sensitive data. The attackers have issued a threat to publish the stolen data within 7-8 days if their demands are not met. This attack underscores the vulnerabilities that even well-established companies face in the current cybersecurity landscape.

About Medusa Ransomware Group

Medusa is a ransomware group that emerged in late 2022 and has since gained notoriety for its high-profile attacks across various sectors. Operating as a Ransomware-as-a-Service (RaaS) platform, Medusa allows affiliates to use its ransomware to launch attacks. The group is known for its aggressive tactics, including targeting the education and healthcare sectors, and has a global reach with operations extending beyond the United States.

Penetration and Impact

Medusa's ransomware is designed to disable numerous applications and services to prevent detection and mitigation. It also disables shadow copies to thwart recovery efforts. The group's ability to encrypt critical data and demand substantial ransoms for decryption keys makes them a formidable threat. In the case of Fritzøe Engros, the attack could have penetrated the company's systems through various vectors, including phishing emails, unpatched software vulnerabilities, or compromised third-party vendors.

Implications for Fritzøe Engros

The attack on Fritzøe Engros highlights the significant risks faced by companies in the manufacturing and distribution sectors. Despite their extensive distribution network and strategic partnerships, the company remains vulnerable to sophisticated cyber threats. The potential publication of sensitive data could have severe repercussions, including financial losses, reputational damage, and operational disruptions.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.