Sunrise Erectors Hit by Major Ransomware Attack from Hunters International

Incident Date: September 4, 2024

Overview

Victim: Sunrise Erectors

Attacker: Hunters International

Location: Canton, USA; Massachusetts, USA

First Reported: September 4, 2024

Ransomware Attack on Sunrise Erectors by Hunters International

Sunrise Erectors, a family-owned construction company based in Canton, Massachusetts, has recently fallen victim to a ransomware attack orchestrated by the cybercriminal group known as Hunters International. The attack has resulted in the exfiltration of 1TB of data, comprising 500,904 individual files, significantly impacting the company's operations and reputation.

About Sunrise Erectors

Established in 1996, Sunrise Erectors specializes in the design, engineering, furnishing, and installation of high-performance architectural exterior wall systems. The company operates primarily in the New England region, with a significant presence in Massachusetts, employing over 200 skilled professionals. Their comprehensive service offerings include the installation of entrance systems, storefronts, air barriers, and various metal and structural steel components. Sunrise Erectors is known for its commitment to quality, safety, and customer satisfaction, utilizing advanced technologies like Building Information Modeling (BIM) and 3D scanning to ensure precise coordination and integration of complex wall cladding systems.

Attack Overview

The ransomware attack on Sunrise Erectors was claimed by Hunters International via their dark web leak site. The attackers successfully exfiltrated a substantial amount of data, totaling 1TB. This breach has exposed sensitive information, potentially leading to significant financial and reputational damage for the company. The exact method of penetration remains unclear, but it is likely that the attackers exploited vulnerabilities in public-facing applications or employed phishing and social engineering tactics to gain initial access.

About Hunters International

Hunters International is a ransomware group that emerged in late 2023, recognized for its sophisticated operations and data leak strategies. Operating as a Ransomware-as-a-Service (RaaS) provider, the group focuses on both encrypting victim data and exfiltrating sensitive information for potential sale or leverage in ransom negotiations. The group employs a range of tactics to infiltrate organizations, including phishing, exploiting vulnerabilities, and social engineering. Their ransomware combines AES and RSA encryption and is written in Rust, a choice that enhances its performance and security.

Penetration and Impact

Hunters International prioritizes data theft, which lets the group threaten victims with data leaks and increases the pressure to pay ransoms. The group's operations have led to significant financial losses and reputational damage for affected organizations. In the case of Sunrise Erectors, the attackers' ability to exfiltrate 1TB of data underscores the importance of effective cybersecurity measures. The construction sector, with its reliance on advanced technologies and extensive project coordination, presents a lucrative target for ransomware groups seeking to exploit vulnerabilities.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous and the most financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.