The renowned Taiwan-based MIRLE Group, specializing in intelligent automation solutions, has allegedly fallen prey to the infamous LockBit ransomware group.
The cybercriminals have posted about this MIRLE Group cyberattack on their dark web forum with an ultimatum, threatening to expose the organization’s sensitive data on December 8, 2023.
As the clock ticks, MIRLE Group finds itself entangled in the web of a potential data breach orchestrated by the threat actor.
Decoding MIRLE Group Data Breach
Founded in 1989, MIRLE Group has emerged as a global leader in intelligent automation, with a workforce exceeding 1,500 dedicated professionals. The company’s commitment to cutting-edge factory automation services, driven by three decades of expertise in AI, cloud computing, and digital twin technology, has solidified its position in the industry.
The Cyber Express sought to unravel the details surrounding the MIRLE Group cyberattack, reaching out for an official statement. Regrettably, at the time of this report, no response or confirmation has been received from MIRLE Group, leaving the claims of the cyberattack unverified.
While the MIRLE Group website appears to be operational with no apparent signs of a cyberattack, there is speculation that the attack may have targeted the company’s database, thus remaining undetected on the surface.
Who is the LockBit Ransomware Group?
LockBit ransomware group, a cybercriminal gang operating under the ransomware-as-a-service (RaaS) model, has gained notoriety for its double extortion tactics. This involves encrypting victim data and threatening to leak it unless their monetary demands are met.
According to a joint statement by various government agencies, LockBit ransomware group ranked as the world’s most prolific ransomware in 2022, responsible for 44% of global ransomware incidents.
In the United States alone, between January 2020 and May 2023, LockBit ransomware group was implicated in approximately 1,700 ransomware attacks, amassing a staggering $91 million in ransom payments. Notably, the group remains financially motivated, with no formal attribution to any specific nation-state.
The LockBit ransomware group has drawn attention for its creation of “StealBit,” a malware tool automating the extraction of data. Released alongside LockBit 2.0, this tool exhibits fast and efficient encryption capabilities. Additionally, LockBit expanded its reach with the introduction of Linux-ESXI Locker version 1.0, targeting Linux hosts, particularly ESXi servers.
LockBit’s extensive reach extends across various industries globally, with healthcare and education sectors emerging as primary targets. The United States, India, and Brazil top the list of countries most frequently subjected to LockBit’s malicious activities, according to Trend Micro.
This is an ongoing story and TCE is closely monitoring the situation. We’ll update this post once we have more information on the MIRLE Group cyberattack or the official confirmation from the organization.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.