ransomexx attacks Viva Air

Incident Date:

March 14, 2022

World map

Overview

Title

ransomexx attacks Viva Air

Victim

Viva Air

Attacker

Ransomexx

Location

Balakong, Malaysia

Selangor, Malaysia

First Reported

March 14, 2022

Viva Air-Conditioning (M) S/B Targeted by Ransomware Group Ransomexx

Viva Air-Conditioning (M) S/B, a leading provider of air-conditioning, chiller, and cooling tower solutions in Malaysia, has been targeted by the ransomware group Ransomexx. The company, established in 1989, has been servicing Malaysia's ACMV industry for over 30 years and has become a market leader in purchasing and selling of quality pre-owned and new ACMV equipment.

Company Size and Industry Standing

Viva Air-Conditioning (M) S/B is a significant player in the manufacturing sector, specializing in industrial air-conditioners, chillers, and cooling towers. The company's website does not provide information on its size or number of employees.

Vulnerabilities and Targeting

Ransomware attacks often target organizations with weak cybersecurity defenses or those that have not kept their systems up-to-date with the latest security patches. Viva Air-Conditioning (M) S/B may have been targeted due to its position in the manufacturing sector, which is known to be a popular target for cybercriminals. The company's website does not provide information on its cybersecurity measures or any recent security incidents.

Ransomware Group Ransomexx

Ransomexx is a ransomware group that has claimed responsibility for the attack on Viva Air-Conditioning (M) S/B through their dark web leak site. The group is known for its ransomware attacks on various organizations, and their targeting of Viva Air-Conditioning (M) S/B highlights the ongoing threat of ransomware to businesses across industries.

The ransomware attack on Viva Air-Conditioning (M) S/B serves as a reminder of the importance of robust cybersecurity measures in the face of increasingly sophisticated threat actors. As the manufacturing sector continues to digitalize, companies must prioritize cybersecurity to protect their operations and sensitive data from potential attacks.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.