Ransomware Attack on Jess-Link Products: Hunters International
Incident Date:
May 20, 2024
Overview
Title
Ransomware Attack on Jess-Link Products: Hunters International
Victim
Jess-link Products
Attacker
Hunters International
Location
First Reported
May 20, 2024
Ransomware Attack on Jess-Link Products by Hunters International
Victim Overview
Jess-Link Products Co Ltd, a Taiwan-based company, specializing in manufacturing peripherals for computers, communication equipment, and Information Appliance/Internet Appliance. Founded in 1992, the company operates under an OEM/ODM business model, providing designing and manufacturing outsourcing services. With a revenue of $150 million and 2,343 employees, Jess-Link Products is a significant player in the wireless and storage industries.
Company Profile
The company stands out in the industry for its expertise in designing, developing, consolidating, and marketing consumer electronic products. They offer services such as pre-construction planning, design-build, construction management, and general contracting, focusing on commercial construction projects.
Attack Overview
Earlier this year, Jess-Link Products fell victim to a ransomware attack orchestrated by the cybercriminal group Hunters International. The attack resulted in significant data breaches, compromising corporate documents, employee information, and customer data. Hunters International is known for targeting organizations across various sectors and demanding large ransoms for decryption keys to restore access to compromised systems.
Ransomware Group Details
Hunters International distinguishes itself from other ransomware groups by focusing on stealing data rather than encrypting it. They have customized ransomware to enhance simplicity and efficiency, making it easier for operatives to use. The group's main targets span across healthcare, automotive, manufacturing, logistics, financial, educational, and food sectors worldwide.
Attack Vector
The ransomware group could have penetrated Jess-Link Products' systems through various means, including phishing attacks, exploiting vulnerabilities in the company's network, or through malicious email attachments. Open source investigation has become a crucial skill for threat hunters to track down threat actors and prevent such attacks in the future.
Sources:
- Bloomberg
- CENS
- Dun & Bradstreet
- RF Cables
- Reuters
- SocRadar
- NPR
- SocRadar
- CISA
- Infosecurity Europe
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.