vicesociety attacks Alliance Coal LLC

Incident Date:

January 6, 2022

World map

Overview

Title

vicesociety attacks Alliance Coal LLC

Victim

Alliance Coal LLC

Attacker

Vicesociety

Location

Lexington, USA

Kentucky, USA

First Reported

January 6, 2022

Alliance Resource Partners Faces Ransomware Attack by Vice Society

Alliance Resource Partners, a prominent coal producer in the eastern United States, has recently fallen victim to a ransomware attack orchestrated by the group known as Vice Society. This incident was disclosed on the group's dark web leak site, highlighting the ongoing cybersecurity threats faced by entities in the Energy, Utilities & Waste sector. Alliance Resource Partners is recognized for its dedication to corporate responsibility and sustainability, alongside being the largest coal producer in the eastern U.S. with seven underground mining complexes catering to both domestic and international electric power generation markets.

In addition to its coal operations, the company has a significant footprint in the oil & gas sector, boasting a growing portfolio of mineral and royalty interests across strategic oil & gas producing regions in the United States. Despite the comprehensive details provided on their website regarding coal operations, sustainability efforts, and strategic investments, specific information regarding the company's vulnerabilities to cyber threats remains undisclosed.

The Vice Society Ransomware Group

Vice Society is notorious for its profit-sharing model, which involves offering encryption services to affiliates targeting various organizations. The group's activities span across multiple regions, including China, Thailand, Indonesia, Europe, and America, demonstrating the global threat posed by ransomware attacks.

The International Counter Ransomware Initiative, spearheaded by the US, is actively working to undermine the financial infrastructure supporting threat actors like Vice Society. This initiative focuses on targeting the payment accounts of ransomware groups, employing information-sharing tools, and leveraging AI to scrutinize blockchains for tracing illicit funds. A key objective is to compile a comprehensive knowledge base on ransom payment accounts and circulate a blacklist of digital wallets associated with ransom payments, coordinated through the US Department of Treasury.

The attack on Alliance Resource Partners serves as a stark reminder of the escalating threat landscape, with ransomware attacks increasingly targeting businesses and government entities. This trend is alarming, with a reported 623.3 million ransomware attacks in the previous year and an additional 236.1 million in the first half of 2022 alone.

The proactive measures taken by the International Counter Ransomware Initiative to disrupt the financial mechanisms of cybercriminals represent a critical step forward. However, the persistent rise in ransomware attacks underscores the urgent need for enhanced vigilance and the implementation of comprehensive cybersecurity measures by companies to safeguard their operations and sensitive data.

Sources

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.