Ransomware Attack Disrupts Associated Building Specialties Operations
Incident Date:
September 13, 2024
Overview
Title
Ransomware Attack Disrupts Associated Building Specialties Operations
Victim
Associated Building Specialties, Inc.
Attacker
Hunters International
Location
First Reported
September 13, 2024
Ransomware Attack on Associated Building Specialties, Inc. by Hunters International
Associated Building Specialties, Inc. (ABS), a renowned specialties and glazing subcontractor based in Broomfield, Colorado, has recently fallen victim to a ransomware attack orchestrated by the notorious ransomware group, Hunters International. The attack was discovered on September 14, 2024, and has raised significant concerns within the construction industry.
Company Profile
Established in 1985, ABS has built a strong reputation for its commitment to quality craftsmanship and exceptional service. The company specializes in providing a wide range of Division 10 products, including toilet partitions, washroom accessories, lockers, visual display boards, and fire extinguishers. Additionally, ABS has a glazing division that offers comprehensive solutions for both interior and exterior applications, such as storefronts and curtain walls.
ABS is known for its collaborative approach, working closely with contractors, architects, and facility owners to ensure project success. This dedication to client service and a culture of safety, quality, and timely delivery has solidified their reputation in Colorado and beyond.
Attack Overview
The ransomware attack on ABS was claimed by Hunters International via their dark web leak site. The extent of the data leak remains unknown at this time. The attack has disrupted ABS's operations, potentially compromising sensitive client information and project data.
About Hunters International
Hunters International is a Ransomware-as-a-Service (RaaS) group that emerged in Q3 of 2023, shortly after the disruption of the Hive ransomware group. The group exhibits significant technical overlap with Hive, suggesting an evolution or offshoot of the dismantled operation. Hunters International's primary objective is to exfiltrate target data and subsequently extort victims with a ransom demand in exchange for the return of the stolen data.
Investigations have revealed potential ties to Nigeria through domain registrations and email addresses associated with the group. However, the group is known to use fake identities and tricky methods to conceal their true origins, making it difficult to definitively determine their location and leadership.
Penetration and Vulnerabilities
While the exact method of penetration remains unclear, ransomware groups like Hunters International typically exploit vulnerabilities in a company's cybersecurity infrastructure. This can include outdated software, weak passwords, and lack of employee training on phishing attacks. Given ABS's extensive operations and the sensitive nature of their project data, they present an attractive target for ransomware groups seeking to maximize their impact and potential ransom payments.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.