R.B. Woodcraft Targeted in Ransomware Attack by 8Base Group
Incident Date:
April 15, 2024
Overview
Title
R.B. Woodcraft Targeted in Ransomware Attack by 8Base Group
Victim
R.B Woodcraft, Inc.
Attacker
8base
Location
First Reported
April 15, 2024
Ransomware Attack on R.B. Woodcraft by 8Base Group
Attack Overview
R.B. Woodcraft, a prominent player in the architectural woodwork sector, has fallen victim to a ransomware attack orchestrated by the notorious cybercriminal group 8Base. The attack was first disclosed on the group's dark web leak site, indicating a potential compromise of sensitive data including financial documents, employee information, and confidential business agreements.
Company Profile
R.B. Woodcraft, Inc., established in 1984, operates with a workforce of 31 employees and generates a revenue of approximately $17 million annually. Specializing in high-quality architectural woodwork, the company has carved a niche in the woodworking industry, which boasts a global market size exceeding $150 billion. Despite its small size, R.B. Woodcraft stands out due to its personalized client relationships and a strong reputation built over decades.
Details of the Cyberattack
The cyberattack by 8Base involved the deployment of ransomware, likely through phishing or exploit kits, a common tactic used by this group. The ransomware encrypted critical data and threatened the release of this data unless a ransom was paid. As of the last update, there has been no confirmation on whether the ransom was paid or if any data was actually leaked following the deadline of April 19th, 2024.
Vulnerabilities and Target Selection
R.B. Woodcraft's relatively small size and specific industry focus might have contributed to its vulnerabilities. Small to medium-sized businesses (SMBs) like R.B. Woodcraft are often targeted by groups like 8Base due to potentially less sophisticated cybersecurity measures compared to larger corporations. The valuable and sensitive nature of the data handled by companies in the construction and woodworking sectors makes them attractive targets for ransomware attacks.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.