Ransomware Attack on Cat-i Glass Manufacturing by BlackSuit
Incident Date:
May 18, 2024
Overview
Title
Ransomware Attack on Cat-i Glass Manufacturing by BlackSuit
Victim
Cat-i Glass Manufacturing
Attacker
Black Suit
Location
First Reported
May 18, 2024
Ransomware Attack on Cat-i Glass Manufacturing by BlackSuit
Victim Overview
Cat-i Glass Manufacturing, a company based in South Elgin, Illinois, United States, was targeted by the ransomware group BlackSuit. The company, founded in 1965 as Elgin Precision Glass and later rebranded as Cat-i Glass Manufacturing in 1995, specializes in the design, manufacture, and installation of glass products for various applications.
Company Profile
With over 25 years of experience in the glass industry, Cat-i Glass Manufacturing stands out for its engineering-driven approach, diversified product range, large production space spanning over 100,000 sq ft, and customized solutions for residential and commercial projects. As of 2024, Cat-i Glass Manufacturing has 56 employees and a revenue of $26.9 million.
Attack Overview
The ransomware group BlackSuit targeted Cat-i Glass Manufacturing's systems and data, demanding a ransom of $100,000 for restoring access to the company's resources. The attackers utilized the .blacksuit extension for encrypted files and left a ransom note named README.BlackSuit.txt in affected directories.
Ransomware Group - BlackSuit
A ransomware family that emerged in 2023, Blacksuit, shares significant similarities with the notorious Royal ransomware group. The group targets both Windows and Linux systems, including VMware ESXi servers, and directs victims to a Tor chat site for ransom negotiations.
BlackSuit's close ties to the Royal ransomware group suggest that it may be a new variant developed by the same authors, a copycat using similar code, or an affiliate of the original gang. The ransomware's ability to target critical infrastructure like VMware ESXi servers poses a significant threat to organizations like Cat-i Glass Manufacturing.
Sources:
Glass Fabricators - Cat-i Glass Manufacturing
Cat-i Glass Manufacturing Official Website
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.