REV Drill Sales & Rentals Targeted in Ransomware Attack by Akira Group

Incident Date:

April 8, 2024

World map

Overview

Title

REV Drill Sales & Rentals Targeted in Ransomware Attack by Akira Group

Victim

REV Drill Sales & Rentals

Attacker

Akira

Location

Frederick, USA

Maryland, USA

First Reported

April 8, 2024

Ransomware Attack on REV Drill Sales & Rentals

Overview

REV Drill Sales & Rentals Inc, founded in 1999, is a privately held company based in Frederick, MD. They specialize in offering economical drilling solutions and providing exceptional customer service to clients in the Construction sector. The company has a revenue of $5 million and employs 11-20 individuals. The cybercriminal group Akira launched a ransomware attack on the company in April 2024 which reportedly took financial documents, HR data, employee details, and more data of sensitive nature.

Company Standout Features

The company attacked is known for its revolutionary approach to drilling, with the unique design that can be easily attached to and removed from any excavator using existing excavator hydraulics. They offer a wide range of drilling solutions, including continuous flight, short auger, and down hole hammer applications. The company is committed to supporting clients from start to finish, providing value-engineering principles and on-site support.

Vulnerabilities

Being a small to medium-sized business in the construction industry, REV Drill Sales & Rentals is vulnerable to cyber attacks, especially ransomware attacks. The Akira ransomware group, known for targeting SMBs, has recently claimed an attack on the company. Akira ransomware is notorious for encrypting files, stealing corporate data, and demanding significant ransoms. The group has been observed using various tools to gain initial access and establish persistence in victim environments.

Sources:


REV Drill Sales & Rentals Website
Trend Micro - Ransomware Spotlight: Akira
Check Point - Ransomware Threat Prevention

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.