Thaayakam LTD Targeted in Ransomware Attack by RansomHub

Incident Date:

May 6, 2024

World map



Thaayakam LTD Targeted in Ransomware Attack by RansomHub


Thaayakam LTD




Romford, United Kingdom

, United Kingdom

First Reported

May 6, 2024

RansomHub Targets Thaayakam LTD in Ransomware Attack

Company Profile: Thaayakam LTD

Thaayakam LTD, a burgeoning IT service provider based in Romford, United Kingdom, was founded in 2021. Specializing in high-tech solutions that leverage emerging technologies, the company offers services in cloud consultation, mobile application development, web development, and brand designing. With a focus on innovation, Thaayakam maintains a small yet dedicated team of less than 10 employees, aiming to address complex real-world challenges through technology.

Despite its small size, Thaayakam stands out in the Business Services sector for its commitment to integrating modern technologies into its service offerings, catering to a global clientele from its offices in the UK and Sri Lanka.

Details of the Ransomware Attack

RansomHub, a ransomware group with suspected roots in Russia, has claimed responsibility for the attack on Thaayakam LTD. The group, known for its Ransomware-as-a-Service (RaaS) operations, reportedly exfiltrated 10.7 GB of data from Thaayakam's systems. The specifics of the ransom demand have not been disclosed, but the incident marks a significant security breach for the IT service provider.

RansomHub's Modus Operandi

RansomHub distinguishes itself in the cybercrime landscape through its use of Golang-written ransomware strains, a trend that aligns with some of the latest developments in ransomware technology. The group operates by allowing affiliates to keep 90% of the ransom proceeds, which incentivizes widespread participation in their RaaS model.

Potential Vulnerabilities and Entry Points

Given Thaayakam's focus on emerging technologies and its relatively recent establishment, it is plausible that the company's rapid growth and technological implementations might have left certain vulnerabilities unaddressed. These could include insufficiently secured endpoints, lack of robust encryption practices, or gaps in employee cybersecurity training, which are common entry points for ransomware attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.