Ransomware Attack on The Wacks Law Group: A Legal Firm's Vulnerability to Cyber Threats

Incident Date:

April 15, 2024

World map

Overview

Title

Ransomware Attack on The Wacks Law Group: A Legal Firm's Vulnerability to Cyber Threats

Victim

The Wacks Law Group, LLC

Attacker

Qilin

Location

Whippany, USA

New Jersey, USA

First Reported

April 15, 2024

Ransomware Attack on The Wacks Law Group by Qilin Group

Overview of the Attack

A New Jersey-based law firm, The Wacks Law Group, LLC, has recently fallen victim to a ransomware attack claimed by the Qilin ransomware group. This incident was disclosed through Qilin's dark web leak site, where they announced the exfiltration and encryption of sensitive data including personally identifiable information (PII), confidential documents, and non-disclosure agreements.

Company Profile

The Wacks Law Group is known for its specialized legal services in trust and estate planning, elder law, and business representation. The firm is described as having a reputable practice that has served numerous families and businesses, indicating a potentially extensive client database and a significant accumulation of sensitive information. Their reputation for personalized legal solutions highlights the critical nature of the data they handle.

Ransomware Group Profile

Qilin, also known as Agenda, is a ransomware-as-a-service (RaaS) entity that surfaced in 2022. It targets a variety of sectors worldwide, with a particular focus on critical infrastructure. The ransomware utilized by Qilin is noted for its sophistication, written in Rust and Go, which enhances its evasion capabilities. Their operations are marked by a double extortion scheme, which not only encrypts the data but also exfiltrates it, posing a dual threat to the victims.

Vulnerabilities and Implications

The firm’s focus on estate planning and business representation, combined with its extensive client relationships, makes it a prime target for cybercriminals seeking to leverage or monetize stolen data. This shows the need for enhanced cybersecurity measures within the legal sector, particularly for firms handling large volumes of sensitive client information.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.