Sislocar Sel CR SA Hit by LockBit 3.0 Ransomware
Incident Date:
May 9, 2024
Overview
Title
Sislocar Sel CR SA Hit by LockBit 3.0 Ransomware
Victim
Sislocar Sel CR SA
Attacker
Lockbit3
Location
First Reported
May 9, 2024
Ransomware Attack on Sislocar Sel CR SA by LockBit 3.0
Ransomware Attack
The company based in Costa Rica, Sislocar, faced a ransomware attack carried out by LockBit 3.0. The hacker stole 0.4 GB of data, which included clients' information, scans, certificates, and other confidential data. LockBit 3.0 sets itself apart by encrypting files, altering filenames, changing desktop backgrounds, and leaving ransom notes. The ransomware is heavily obfuscated, posing a challenge for security experts to dissect. It can navigate through a network and erase its traces, heightening its stealthiness.
Company Profile
Sislocar offers integrated logistics solutions covering bonded warehouses, international transportation, customs services, and tax warehouses in key customs offices. They focus on optimizing supply chains, providing tax exemptions in their Free Zone, streamlining import/export operations, and ensuring efficient storage and compliance. Sislocar's strategic location enhances its services, making it a reliable partner for businesses in international trade.
LockBit May Attacks
This incident is part of the May 2024 attacks orchestrated by LockBit 3.0, a cybercriminal group that reemerged after its infrastructure was disrupted in February during "Operation Cronos." LockBit swiftly targeted more than 50 victims upon reactivating its platform, demonstrating its widespread influence and adaptability.
Company Vulnerabilities
The company's combination of logistics services and storage of sensitive client data make it an enticing target for threat actors like LockBit 3.0. The company's strategic position and involvement in the transportation industry may have exposed vulnerabilities that were exploited in the ransomware incident.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.