Ransomware Attack on Suntrust Properties by Sarcoma Group
Incident Date:
October 9, 2024
Overview
Title
Ransomware Attack on Suntrust Properties by Sarcoma Group
Victim
Suntrust Properties
Attacker
Sarcoma
Location
First Reported
October 9, 2024
Ransomware Attack on Suntrust Properties by Sarcoma Group
Suntrust Properties, a leading real estate developer in the Philippines, has become the latest victim of a ransomware attack by the newly emerged cybercriminal group, Sarcoma. This incident highlights the growing threat of ransomware attacks on businesses across various sectors, including real estate.
About Suntrust Properties
Established in 1997 as a subsidiary of Megaworld Corporation, Suntrust Properties has carved a niche in the Philippine real estate market by providing affordable housing solutions. With a workforce of approximately 939 employees, the company manages over 50 developments nationwide, focusing on residential and commercial properties. Suntrust is recognized for its commitment to creating master-planned communities that cater to the diverse needs of Filipino families, blending innovation with affordability.
Attack Overview
The ransomware attack on Suntrust Properties was claimed by Sarcoma, a group that has quickly gained notoriety for its aggressive tactics. Sarcoma has listed Suntrust among more than 30 victims on its dark web portal, indicating a significant breach. The attack underscores the vulnerabilities that real estate companies face, particularly those with extensive digital operations and customer data.
About Sarcoma Ransomware Group
Sarcoma is a relatively new player in the ransomware landscape, having emerged with its first notable attacks in October. The group has targeted a diverse range of industries, with a slight preference for regions such as the USA, Canada, Australia, and Spain. Sarcoma distinguishes itself by not publicly listing ransom amounts, instead leveraging data leaks as a primary means of coercion. The group operates a darknet leak site where it lists its victims and provides evidence of stolen data, promoting itself as a means to highlight poor security practices among organizations.
Potential Vulnerabilities
While the specific method of penetration into Suntrust's systems remains unclear, common vulnerabilities in real estate companies include outdated software, insufficient cybersecurity measures, and the handling of large volumes of sensitive customer data. These factors can make such companies attractive targets for ransomware groups like Sarcoma, which employ tactics such as data exfiltration and double extortion strategies.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.