Ransomware Attack on Cat-i Glass Manufacturing by BlackSuit

Victim Overview

Cat-i Glass Manufacturing, a company based in South Elgin, Illinois, United States, was targeted by the ransomware group BlackSuit. The company, founded in 1965 as Elgin Precision Glass and later rebranded as Cat-i Glass Manufacturing in 1995, specializes in the design, manufacture, and installation of glass products for various applications.

Company Profile

With over 25 years of experience in the glass industry, Cat-i Glass Manufacturing stands out for its engineering-driven approach, diversified product range, large production space spanning over 100,000 sq ft, and customized solutions for residential and commercial projects. As of 2024, Cat-i Glass Manufacturing has 56 employees and a revenue of $26.9 million.

Attack Overview

The ransomware group BlackSuit targeted Cat-i Glass Manufacturing's systems and data, demanding a ransom of $100,000 for restoring access to the company's resources. The attackers utilized the .blacksuit extension for encrypted files and left a ransom note named README.BlackSuit.txt in affected directories.

Ransomware Group - BlackSuit

A ransomware family that emerged in 2023, Blacksuit, shares significant similarities with the notorious Royal ransomware group. The group targets both Windows and Linux systems, including VMware ESXi servers, and directs victims to a Tor chat site for ransom negotiations.

BlackSuit's close ties to the Royal ransomware group suggest that it may be a new variant developed by the same authors, a copycat using similar code, or an affiliate of the original gang. The ransomware's ability to target critical infrastructure like VMware ESXi servers poses a significant threat to organizations like Cat-i Glass Manufacturing.

Sources:

Glass Fabricators - Cat-i Glass Manufacturing

Cat-i Glass Manufacturing Official Website

Security Affairs - BlackSuit Ransomware

Bleeping Computer - The Week in Ransomware