Ransomware Attack on Cat-i Glass Manufacturing by BlackSuit

Incident Date:

May 18, 2024

World map

Overview

Title

Ransomware Attack on Cat-i Glass Manufacturing by BlackSuit

Victim

Cat-i Glass Manufacturing

Attacker

Black Suit

Location

South Elgin, USA

Illinois, USA

First Reported

May 18, 2024

Ransomware Attack on Cat-i Glass Manufacturing by BlackSuit

Victim Overview

Cat-i Glass Manufacturing, a company based in South Elgin, Illinois, United States, was targeted by the ransomware group BlackSuit. The company, founded in 1965 as Elgin Precision Glass and later rebranded as Cat-i Glass Manufacturing in 1995, specializes in the design, manufacture, and installation of glass products for various applications.

Company Profile

With over 25 years of experience in the glass industry, Cat-i Glass Manufacturing stands out for its engineering-driven approach, diversified product range, large production space spanning over 100,000 sq ft, and customized solutions for residential and commercial projects. As of 2024, Cat-i Glass Manufacturing has 56 employees and a revenue of $26.9 million.

Attack Overview

The ransomware group BlackSuit targeted Cat-i Glass Manufacturing's systems and data, demanding a ransom of $100,000 for restoring access to the company's resources. The attackers utilized the .blacksuit extension for encrypted files and left a ransom note named README.BlackSuit.txt in affected directories.

Ransomware Group - BlackSuit

A ransomware family that emerged in 2023, Blacksuit, shares significant similarities with the notorious Royal ransomware group. The group targets both Windows and Linux systems, including VMware ESXi servers, and directs victims to a Tor chat site for ransom negotiations.

BlackSuit's close ties to the Royal ransomware group suggest that it may be a new variant developed by the same authors, a copycat using similar code, or an affiliate of the original gang. The ransomware's ability to target critical infrastructure like VMware ESXi servers poses a significant threat to organizations like Cat-i Glass Manufacturing.

Sources:

Glass Fabricators - Cat-i Glass Manufacturing

Cat-i Glass Manufacturing Official Website

Security Affairs - BlackSuit Ransomware

Bleeping Computer - The Week in Ransomware

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.