Ransomware Hits Denim Giant Evlox by 8Base Group
Incident Date:
October 9, 2024
Overview
Title
Ransomware Hits Denim Giant Evlox by 8Base Group
Victim
Evlox
Attacker
8base
Location
First Reported
October 9, 2024
Ransomware Attack on Evlox: A Deep Dive into the 8Base Group's Tactics
Evlox, a leading name in the denim manufacturing industry, has recently fallen victim to a ransomware attack orchestrated by the notorious 8Base group. This incident underscores the persistent threat posed by ransomware to businesses worldwide, particularly those in the manufacturing sector.
About Evlox
Evlox, formerly known as Tavex Europa, is a prominent player in the denim manufacturing industry with a history dating back to 1846. The company is headquartered in Madrid, Spain, and employs over 500 individuals. It boasts an impressive production capacity of approximately 15 million meters of premium denim annually, with a commercial presence in around 50 countries. Evlox is renowned for its commitment to quality and sustainability, as evidenced by its innovative REICONICS collection, which emphasizes circularity and reduced water consumption.
Attack Overview
The 8Base ransomware group has claimed responsibility for the attack on Evlox, which compromised a wide array of sensitive information, including invoice receipts, accounting documents, personal data, and confidential agreements. The attack was part of a broader campaign targeting 13 companies across various industries and countries, with the breaches being uploaded to the group's data leak site on September 23rd. Despite the ransom deadline passing on September 30th, the data has not been released, raising questions about the status of negotiations or the group's intentions.
About the 8Base Ransomware Group
The 8Base ransomware group has gained notoriety for its aggressive tactics and sophisticated double-extortion operations. Emerging in April 2022, the group employs AES-256 encryption and utilizes a variant of the Phobos ransomware. They typically gain entry through phishing emails or by purchasing compromised credentials on the Dark Web. The group distinguishes itself by mimicking legitimate penetration testing firms in its communication style, branding itself as "simple pentesters" to exert pressure on victims.
Potential Vulnerabilities
Evlox's reliance on modern technologies such as JavaScript and PHP for its digital operations may have presented vulnerabilities that the 8Base group exploited. The company's extensive global operations and significant production capacity make it an attractive target for ransomware groups seeking to inflict financial and reputational damage. This attack highlights the need for effective cybersecurity measures to protect against such threats.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.