RansomHub, a ransomware group known for its cyber extortion tactics, has allegedly claimed the Farmacia AL SHEFA cyberattack, adding the pharmacy to its list of victims. The group announced a post on their dark web channel, shedding light on their cyberattack on Farmacia AL SHEFA.
Farmacia AL SHEFA, boasting over two decades of experience in providing quality pharmaceutical services, found itself caught in the crosshairs of cybercriminals despite its commitment to patient health and professional standards.
Decoding the Farmacia AL SHEFA Cyberattack
The threat actor’s post on the dark web channel detailed crucial information regarding the attack, including a countdown timer indicating that data stolen from the cyberattack would be made public after a specified duration of 856 hours, 42 minutes, and 58 seconds, equivalent to approximately 35 days.
The Cyber Express, upon learning of this cyberattack on Farmacia AL SHEFA, reached out to the organization. However, as of the time of reporting, no official statement or response has been issued by Farmacia AL SHEFA, leaving the claims surrounding the cyberattack unverified.
Despite the lack of immediate visible impact on Farmacia AL SHEFA’s website, which appears to be operational, it is speculated that the cybercriminals targeted the backend systems rather than launching a front-end assault such as DDoS or defacement, a tactic commonly employed by ransomware groups to extort victims.
Who is the RansomHub Ransomware Group?
According to findings by the iZOOlogic research team, RansomHub has emerged as a popular player in the realm of cybercrime. The group’s modus operandi and objectives were elucidated through their dark web post, revealing their status as a financially motivated hacking collective with members spanning across various countries. Notably, the group explicitly stated their non-targeting policy towards certain countries and organizations, including Cuba, North Korea, China, Romania, and the CIS.
In addition to outlining its operational guidelines, RansomHub emphasized its commitment to ensuring compliance with negotiated agreements and promptly providing decryptors upon ransom payment. The group’s strict rules include banning affiliates who fail to adhere to agreements and refraining from targeting non-profit organizations.
Moreover, RansomHub pledges to respond to ransom-paying victims within 48 hours to address any breaches of their rules by affiliates. Despite its selective targeting and operational guidelines, RansomHub poses a big threat to organizations worldwide, with its recent cyberattack on Farmacia AL SHEFA highlighting the ever-growing menace of ransomware groups.
Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only, and users bear full responsibility for their reliance on it. The Cyber Express assumes no liability for the accuracy or consequences of using this information.