Ransomware Hits Dreyfuss + Blackford by Hunters International

Incident Date: October 4, 2024

Overview

Title: Ransomware Hits Dreyfuss + Blackford by Hunters International
Victim: Dreyfuss + Blackford Architecture
Attacker: Hunters International
Location: Sacramento, California, USA
First Reported: October 4, 2024

Ransomware Attack on Dreyfuss + Blackford Architecture by Hunters International

Dreyfuss + Blackford Architecture, a renowned architectural firm based in Northern California, has recently fallen victim to a ransomware attack orchestrated by the cybercriminal group Hunters International. This attack has resulted in the compromise of a substantial amount of sensitive data, highlighting the vulnerabilities faced by organizations in the business services sector.

About Dreyfuss + Blackford Architecture

Founded in 1950, Dreyfuss + Blackford Architecture is a prominent firm known for its modernist aesthetic and commitment to thoughtful design. With offices in Sacramento and San Francisco, the firm employs between 1 and 50 staff members and reports annual revenues ranging from $5 million to $25 million. Its diverse portfolio includes projects in the commercial, healthcare, educational, and cultural sectors, emphasizing the connection between people and their environments. The firm's philosophy, "Utility is Beautiful," underscores its approach to creating functional yet aesthetically pleasing spaces.

Details of the Ransomware Attack

The attack by Hunters International has compromised 652.8GB of data across 168,887 files, including 34.5GB of private data and 25.4GB of marketing data. The breach also affected information related to the Chief Financial Officer, though specific details remain undisclosed. This incident underscores the extensive reach of the ransomware attack, impacting various categories of sensitive and operational data within the organization.

About Hunters International

Hunters International is a ransomware group that emerged in late 2023, known for its sophisticated operations and data leak strategies. Operating as a Ransomware-as-a-Service provider, the group prioritizes data exfiltration over encryption, leveraging stolen data for ransom negotiations. Its ransomware is written in Rust for enhanced performance and security and employs advanced AES and RSA encryption techniques. The group is believed to have origins in Eastern Europe, complicating law enforcement efforts to disrupt its operations.

Potential Vulnerabilities and Attack Penetration

Hunters International likely penetrated Dreyfuss + Blackford's systems through tactics such as phishing, exploiting vulnerabilities in public-facing applications, or social engineering. The firm's relatively small size and focus on diverse projects may have made it an attractive target for threat actors seeking to exploit potential security gaps. The attack highlights the importance of comprehensive cybersecurity measures to protect sensitive data and maintain operational integrity.
