Ransomware Attack on Okuant Limited by RansomHub

Victim Overview

Okuant Limited, a real estate investment company based in Madrid, Spain, fell victim to a ransomware attack orchestrated by the cybercriminal group RansomHub. The company specializes in the acquisition and management of real estate portfolios, aiming to generate profitability for its clients in the Spanish real estate market.

Company Size and Standout Features

The company has a workforce of over 100 full-time employees and is known for its technology that enables real-time detection and valuation of investment opportunities. This, along with its market positioning and negotiation power, makes it a reliable option for investment procedures.

Attack Details

The ransomware attack on Okuant resulted in the exfiltration of 5 GB of data, including customers' and employees' information, financial data, and more. The attackers, RansomHub, did not disclose the specific ransom demand, but they leaked a sample of the compromised data as part of the attack's consequences.

Ransomware Group - RansomHub

RansomHub is a new ransomware group known for making claims and backing them up with data leaks. The group operates as a Ransomware-as-a-Service (RaaS) entity, with affiliates receiving 90% of the ransom money. RansomHub has targeted various countries, including the US, Brazil, Indonesia, and Vietnam, with a focus on healthcare-related institutions.

Attack Vector

RansomHub's ransomware strains are written in Golang, a language choice that aligns with recent trends in the ransomware landscape. The group's operations resemble a traditional Russian ransomware setup, indicating potential roots in Russia. The use of AI technology in ransomware attacks has made them more effective, increasing the volume of attacks and posing a significant threat to organizations like Okuant Limited.

Sources

• Okuant Limited Website
• RansomHub Dark Web Profile