Royal attacks Tachi-S Engineering USA
Date:
June 10, 2023
Overview
Title
Royal attacks Tachi-S Engineering USA
Victim
Tachi-S Engineering USA
Attacker
Royal
Location
Size of Attack
Unknown/TBD
First Reported
June 10, 2023
Last Updated
October 31, 2022
The Royal ransomware gang has allegedly attacked the Penncrest School District. Penncrest School District is a medium-sized public school district situated primarily in Crawford County, located in Northwest Pennsylvania. It also serves a small portion of Venango County, adjacent to its primary service area. The district covers multiple rural townships and boroughs. Royal claims to have stolen 164GB of data, including the personal information of students and employees and financial data. Royal has been active since September 2022 but has quickly become one of the more concerning ransomware operations. Royal is somewhat unique in that they prefer only partial encryption for larger files to evade detection before they choose to reveal the attack. Royal increased attack activity in late 2022 (and early 2023), prompting CISA and the FBI to issue alerts to critical infrastructure providers like the healthcare, communications, and education sectors. Royal uses its own custom-made file encryption program and leverages tools like Cobalt Strike or malware like Ursnif/Gozi. Evidence indicates they continue to invest heavily in development, expanding their operations and capabilities. The RaaS platform includes advanced security evasion and anti-analysis capabilities that can hinder
This attack's description was not found, while we work on the detailed account of this attack we invite you to browse through other recent Rasomware Attacks in the table below.
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.