Ransomware Attack on Daldoss Elevetronic Highlights Manufacturing Vulnerabilities
Incident Date:
October 9, 2024
Overview
Title
Ransomware Attack on Daldoss Elevetronic Highlights Manufacturing Vulnerabilities
Victim
Daldoss Elevetronic
Attacker
8base
Location
First Reported
October 9, 2024
Ransomware Attack on Daldoss Elevetronic by 8Base Group
The ransomware group 8Base has claimed responsibility for a cyberattack on Daldoss Elevetronic, a prominent player in the manufacturing sector specializing in vertical transport solutions. This attack highlights the vulnerabilities faced by companies in the manufacturing industry, particularly those with a strong international presence and a commitment to innovation.
About Daldoss Elevetronic
Daldoss Elevetronic S.p.A. is a family-run company based in Pergine Valsugana, Italy, with over 70 years of experience in designing and manufacturing elevators, including passenger lifts, dumbwaiters, and goods lifts. The company is renowned for its focus on quality, innovation, and customization, offering tailored lift solutions to meet specific client needs. With more than 150,000 installations worldwide, Daldoss has established itself as a trusted supplier for major multinational companies, including a long-standing partnership with the British group Stannah.
Attack Overview
The 8Base ransomware group executed a sophisticated attack on Daldoss Elevetronic, compromising a wide array of sensitive information such as invoice receipts, accounting documents, personal data, certificates, employment contracts, and confidential agreements. This breach is part of a broader campaign by 8Base, targeting 13 companies across various industries and countries, including notable firms from France, the United States, Italy, and Belgium. Despite the ransom deadline passing on September 30th, the data has not been released, leaving the status of negotiations uncertain.
About the 8Base Ransomware Group
Emerging in April 2022, the 8Base ransomware group has evolved into a sophisticated double-extortion operation. Known for its aggressive tactics, the group employs AES-256 encryption and utilizes a variant of the Phobos ransomware. They typically gain initial access through phishing emails or by purchasing compromised credentials from initial access brokers on the Dark Web. The group targets small to medium-sized businesses across various sectors, with a significant focus on manufacturing, finance, healthcare, and information technology.
Potential Vulnerabilities
Daldoss Elevetronic's extensive international operations and reliance on digital systems for customization and client interaction may have made it an attractive target for the 8Base group. The company's commitment to innovation and quality, while a strength, also necessitates effective cybersecurity measures to protect against sophisticated threat actors like 8Base.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.