Ransomware Attack on Fortify Enterprise Inc. by APT73

Incident Date:

May 8, 2024

World map



Ransomware Attack on Fortify Enterprise Inc. by APT73


Fortify Enterprise Inc.




Richmond, Canada

, Canada

First Reported

May 8, 2024

Ransomware Attack on Fortify Enterprise Inc. by APT73

Victim Profile: Fortify Enterprise Inc.

Fortify Enterprise Inc., a software development company established in 2015, is renowned for crafting dependable software solutions customized for businesses. Their emphasis on quality and reliability has garnered them a reputation as industry professionals. However, like many digital-centric enterprises, they face vulnerability to cyber attacks, given their reliance on online platforms and handling of sensitive corporate data. This susceptibility makes them potential targets for threat actors aiming to exploit valuable information.

APT73 attacks Fortify

In the cybersecurity incident involving APT73 targeting Fortify Enterprise Inc., the attackers exfiltrated sensitive data, including SSH public keys, full login admin credentials, passports, and potentially more information. They used ransomware as their method of attack. The leaked data represents a considerable security threat to the company. Operating its website from an IP address located in Prague, Czechia, APT73 utilizes AS9009, associated with various malicious activities and ransomware groups. Their logo, depicting a venomous snake with spider legs, is adapted with a red color scheme for their data leak site named "ERALEIGNEWS".


APT73 - ERALEIGNEWS: Unveiling New Ransomware Group

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.