Ransomware Attack on Vega Reederei GmbH & Co. KG: Metaencryptor Strikes Shipping Company
Incident Date:
May 7, 2024
Overview
Title
Ransomware Attack on Vega Reederei GmbH & Co. KG: Metaencryptor Strikes Shipping Company
Victim
Vega Reederei GmbH & Co. KG
Attacker
MetaEncryptor
Location
First Reported
May 7, 2024
Ransomware Attack on Vega Reederei GmbH & Co. KG
Attack Overview
Vega Reederei GmbH & Co. KG, a shipping company based in Hamburg, Germany, was targeted in a cybercrime attack by the ransomware group Metaencryptor. The attackers managed to exfiltrate 32 GB of data from the company's systems.
The company, founded in 1919, has a long history spanning three generations and focuses on sourcing highly qualified, homogeneous crew at competitive pricing. With about 50 employees in Hamburg, Vega Reederei is known for its quality, creativity, and teamwork approach to tackle challenges.
Company Overview
Vega Reederei GmbH & Co. KG operates in the transportation sector, specifically in shipping. The company manages a diversified fleet of vessels, including container ships, bulk carriers, and tankers, with a strong emphasis on technical knowledge, quality, and safety. They also offer crew management services through their subsidiary, ensuring a professional and consistent crew for efficient operations.
Standout Features
What sets Vega Reederei apart in the industry is their focus on technical knowledge, adaptability, and sustainability. The company's management team, composed of heads of departments across core business sections, ensures a unique understanding of the company's strategy. Additionally, Vega Reederei has ordered newbuildings designed for environmental impact reduction and efficiency enhancement, showcasing their commitment to sustainability.
Vulnerabilities
As a shipping company with a strong technical focus and valuable data on vessels, crew, and operations, Vega Reederei GmbH & Co. KG may have been targeted by threat actors like Metaencryptor due to the potential for financial gain through ransom demands or data exfiltration. The company's reliance on technology for efficient operations could have made them susceptible to cyber attacks.
Ransomware Group Analysis
Metaencryptor, the ransomware group behind the attack on Vega Reederei, is believed to have launched in August 2022 and amassed victims through July 2023. The group utilized a data leak site similar to the later LostTrust ransomware gang, indicating a possible rebranding. The ransomware encryption used by Metaencryptor was virtually identical to LostTrust, suggesting a strong connection between the two operations.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.