RansomHub Ransomware Hits Natural Curiosities: Key Details Revealed
Incident Date:
August 11, 2024
Overview
Title
RansomHub Ransomware Hits Natural Curiosities: Key Details Revealed
Victim
Natural Curiosities
Attacker
Ransomhub
Location
First Reported
August 11, 2024
RansomHub Ransomware Attack on Natural Curiosities: A Detailed Analysis
Natural Curiosities, a Los Angeles-based art house known for its luxurious and eclectic wall decor, has become the latest victim of a ransomware attack by the notorious group RansomHub. The attack has compromised the company's files and webmails, putting sensitive information at risk.
About Natural Curiosities
Natural Curiosities is a design services company specializing in nature-inspired wall art collections. Established over 20 years ago, the company operates out of Chatsworth, California, and employs between 11 to 50 individuals. Their offerings include beach scenes, nature landscapes, and music-inspired art, characterized by artistic craftsmanship and a deep appreciation for the natural world. Customization is a key aspect of their services, allowing clients to request personalized pieces tailored to their specific preferences.
Attack Overview
The ransomware attack on Natural Curiosities was orchestrated by RansomHub, a relatively new but increasingly notorious ransomware group. The attackers gained access to the company's servers, encrypting and exfiltrating sensitive information. RansomHub has threatened to leak all private documents unless a ransom is paid, putting the company's confidential data at significant risk.
About RansomHub
RansomHub is a ransomware group believed to have roots in Russia, operating as a Ransomware-as-a-Service (RaaS) entity. Affiliates receive 90% of the ransom money, with the remaining 10% going to the main group. The group has targeted various countries, including the US, Brazil, Indonesia, and Vietnam, with a notable focus on healthcare-related institutions. RansomHub's ransomware strains are written in Golang, a language choice that aligns with recent trends in the ransomware world.
Penetration and Vulnerabilities
While the exact method of penetration remains unclear, it is likely that RansomHub exploited vulnerabilities in Natural Curiosities' cybersecurity infrastructure. Small to medium-sized businesses like Natural Curiosities often lack the comprehensive cybersecurity measures of larger enterprises, making them attractive targets for ransomware groups. The use of Golang in RansomHub's ransomware strains may have also played a role, as this language can sometimes evade traditional security defenses.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.