Ransomware Attack Hits SESAM Informatics in Senegal
Incident Date:
September 6, 2024
Overview
Title
Ransomware Attack Hits SESAM Informatics in Senegal
Victim
SESAM Informatics
Attacker
Hunters International
Location
First Reported
September 6, 2024
Ransomware Attack on SESAM Informatics by Hunters International
SESAM Informatics, a prominent IT integrator based in Dakar, Senegal, has fallen victim to a ransomware attack orchestrated by the notorious group Hunters International. The attackers have exfiltrated 3.6GB of sensitive data and are threatening to release it unless a ransom is paid.
About SESAM Informatics
Founded in 2006 by a Cisco-certified engineer, SESAM Informatics specializes in IT integration, consulting, project management, and training. The company offers comprehensive services in network, computer, security, and data center solutions. With a workforce of 11-50 employees and an annual revenue of approximately $6 million, SESAM Informatics is a key player in the Senegalese IT sector. Their expertise in digital transformation and cloud computing sets them apart in the industry.
Attack Overview
The ransomware group Hunters International claimed responsibility for the attack via their dark web leak site. The group is known for its sophisticated operations, focusing on both encrypting victim data and exfiltrating sensitive information. In this case, they managed to infiltrate SESAM Informatics' systems and exfiltrate 3.6GB of data, leveraging it to demand a ransom.
About Hunters International
Hunters International emerged in late 2023, following the dismantling of the Hive ransomware group. Approximately 60% of their code overlaps with Hive, although they assert their independence. The group prioritizes data theft over encryption, using a combination of AES and RSA encryption methods. Their ransomware is written in Rust, enhancing its performance and security. They employ tactics such as phishing, exploiting vulnerabilities, and social engineering to infiltrate organizations.
Vulnerabilities and Penetration
SESAM Informatics' focus on digital transformation and cloud computing, while innovative, may have exposed them to vulnerabilities that Hunters International exploited. The group's sophisticated tactics, including phishing and exploiting public-facing application vulnerabilities, likely played a role in penetrating SESAM Informatics' defenses. The attack underscores the importance of stringent cybersecurity measures, even for companies with advanced IT capabilities.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.