ransomexx attacks Viva Air
Incident Date:
March 14, 2022
Overview
Title
ransomexx attacks Viva Air
Victim
Viva Air
Attacker
Ransomexx
Location
First Reported
March 14, 2022
Viva Air-Conditioning (M) S/B Targeted by Ransomware Group Ransomexx
Viva Air-Conditioning (M) S/B, a leading provider of air-conditioning, chiller, and cooling tower solutions in Malaysia, has been targeted by the ransomware group Ransomexx. The company, established in 1989, has been servicing Malaysia's ACMV industry for over 30 years and has become a market leader in purchasing and selling of quality pre-owned and new ACMV equipment.
Company Size and Industry Standing
Viva Air-Conditioning (M) S/B is a significant player in the manufacturing sector, specializing in industrial air-conditioners, chillers, and cooling towers. The company's website does not provide information on its size or number of employees.
Vulnerabilities and Targeting
Ransomware attacks often target organizations with weak cybersecurity defenses or those that have not kept their systems up-to-date with the latest security patches. Viva Air-Conditioning (M) S/B may have been targeted due to its position in the manufacturing sector, which is known to be a popular target for cybercriminals. The company's website does not provide information on its cybersecurity measures or any recent security incidents.
Ransomware Group Ransomexx
Ransomexx is a ransomware group that has claimed responsibility for the attack on Viva Air-Conditioning (M) S/B through their dark web leak site. The group is known for its ransomware attacks on various organizations, and their targeting of Viva Air-Conditioning (M) S/B highlights the ongoing threat of ransomware to businesses across industries.
The ransomware attack on Viva Air-Conditioning (M) S/B serves as a reminder of the importance of robust cybersecurity measures in the face of increasingly sophisticated threat actors. As the manufacturing sector continues to digitalize, companies must prioritize cybersecurity to protect their operations and sensitive data from potential attacks.
Sources
- Viva Air-Conditioning (M) S/B Website: http://www.viva.com.my/
- ABC News: "Russian hackers blamed for ransomware attack on Victoria's court system" https://abcnews.go.com/
- FBI: "Ransomware" https://www.fbi.gov/investigate/cyber
- BleepingComputer: "Victoria court recordings exposed in reported ransomware attack" https://www.bleepingcomputer.com/
- Databreaches.net: "Russian hackers believed to be behind cyber attack on Victoria's county court" https://www.databreaches.net/
- Cyber Security Hub: "Victoria Court recordings exposed in suspected ransomware attack" https://www.cshub.com/
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.