Thaayakam LTD Targeted in Ransomware Attack by RansomHub
Incident Date:
May 6, 2024
Overview
Title
Thaayakam LTD Targeted in Ransomware Attack by RansomHub
Victim
Thaayakam LTD
Attacker
Ransomhub
Location
First Reported
May 6, 2024
RansomHub Targets Thaayakam LTD in Ransomware Attack
Company Profile: Thaayakam LTD
Thaayakam LTD, a burgeoning IT service provider based in Romford, United Kingdom, was founded in 2021. Specializing in high-tech solutions that leverage emerging technologies, the company offers services in cloud consultation, mobile application development, web development, and brand designing. With a focus on innovation, Thaayakam maintains a small yet dedicated team of less than 10 employees, aiming to address complex real-world challenges through technology.
Despite its small size, Thaayakam stands out in the Business Services sector for its commitment to integrating modern technologies into its service offerings, catering to a global clientele from its offices in the UK and Sri Lanka.
Details of the Ransomware Attack
RansomHub, a ransomware group with suspected roots in Russia, has claimed responsibility for the attack on Thaayakam LTD. The group, known for its Ransomware-as-a-Service (RaaS) operations, reportedly exfiltrated 10.7 GB of data from Thaayakam's systems. The specifics of the ransom demand have not been disclosed, but the incident marks a significant security breach for the IT service provider.
RansomHub's Modus Operandi
RansomHub distinguishes itself in the cybercrime landscape through its use of Golang-written ransomware strains, a trend that aligns with some of the latest developments in ransomware technology. The group operates by allowing affiliates to keep 90% of the ransom proceeds, which incentivizes widespread participation in their RaaS model.
Potential Vulnerabilities and Entry Points
Given Thaayakam's focus on emerging technologies and its relatively recent establishment, it is plausible that the company's rapid growth and technological implementations might have left certain vulnerabilities unaddressed. These could include insufficiently secured endpoints, lack of robust encryption practices, or gaps in employee cybersecurity training, which are common entry points for ransomware attacks.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.