Ransomware Attack on HITC Telecom by Stormous Group Exposes 182GB Data
Incident Date:
July 9, 2024
Overview
Title
Ransomware Attack on HITC Telecom by Stormous Group Exposes 182GB Data
Victim
HITC Telecom
Attacker
Stormous
Location
First Reported
July 9, 2024
Ransomware Attack on HITC Telecom by Stormous Group
Overview of HITC Telecom
HITC Telecom, also known as HTC International Telecommunication Joint Stock Company, is a prominent telecommunications provider in Vietnam. The company offers a wide range of services, including mobile, internet, VoIP, and long-distance phone services. With a registered charter capital of approximately $4.3 million, HITC Telecom is headquartered in Hanoi and is recognized as a leading brand in Vietnam and Asia. The company is known for its expertise in wired telecommunications activities and its extensive service portfolio.
Services and Vulnerabilities
HITC Telecom provides critical services such as data center facilities monitoring and site surveys. These services are essential for maintaining and securing telecommunications infrastructure. However, the complexity and sensitivity of these operations make the company a prime target for cyberattacks. The recent ransomware attack highlights the vulnerabilities in their network security, particularly in protecting sensitive data from sophisticated threat actors.
Details of the Ransomware Attack
In a recent cyberattack, the Stormous ransomware group claimed to have stolen approximately 182 GB of sensitive data from HITC Telecom. The group listed HITC Telecom as a victim on their dark web leak site, indicating a significant breach and data exfiltration. Specific details regarding the ransom demands or the company's response have not been disclosed. The attack underscores the growing threat of ransomware to critical infrastructure providers.
Profile of the Stormous Ransomware Group
Stormous is a ransomware group known for its pro-Russian stance and its involvement in high-profile cyberattacks. Active since 2021, the group employs double extortion tactics, threatening to leak sensitive data if ransom demands are not met. Stormous has claimed responsibility for numerous attacks, including breaches of major companies and governmental bodies. The group has recently reactivated its data leak site and formed partnerships with other cybercriminal organizations to expand its operations.
Penetration Tactics
Stormous likely penetrated HITC Telecom's systems through sophisticated phishing attacks, exploiting vulnerabilities in the company's network security. The group's use of double extortion tactics adds pressure on victims to comply with ransom demands, leveraging the potential reputational damage of data leaks. The attack on HITC Telecom highlights the need for robust cybersecurity measures to protect sensitive data and critical infrastructure.
Sources
- HTC International Telecommunication Joint Stock Company - LinkedIn
- HTC International Telecommunication Joint Stock Company - VNBIS
- HTC International Telecommunication Joint Stock Company - Top Brand Vietnam Asia
- Who is Stormous Ransomware Group? - SOCRadar
- Stormous: The Pro-Russian Clout-Hungry Ransomware Gang - Trustwave
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.