Several organisations Being Targeted by the Ako Ransomware Operators – Massive Data Leak

Just like other ransomware operator groups such as Maze, DopplePaymer, REvil, etc. The trending ransomware operator group named Ako recently targeted a well-established supplier of machined components and leaked their confidential data online.

Jamestan Engineering LTD was been established in the year 1979. From then, they have been supplying precision machined components to a wide range of customers. Having a skilled workforce who are been coupled with regular investment in new machinery has resulted in the company being able to deliver quality products at the keen prices demanded in today’s market. Located by the bank of the River Torridge in a 10,000 Sq ft facility, Jamestan possesses the skills and equipment to satisfy one-off Tooling and Fixture requirements through to medium batch complex CNC Turn / Mill and 5 Axis Milled parts. The recent addition of 2 Citizen M32 sliding head lathes, has further enabled Jamestan to successfully compete for the production of small precision components in significant volume. Compliance with ISO9001:2008 and AS9100 Rev B provides customers with confidence that their business is being satisfied by a progressive, continually improving company.

Based on the information leaked, it appears that the negotiation between the ransomware operators and Jamestan Engineering failed, which made them leak some part of the data. The ransomware operators claim to have a large amount of company’s data, but as per now they just leaked a part of it. This small data leak from the large lot seems to be a warning for the company to accept the terms of the ransomware operators.

Below is the message posted by the Ako ransomware operators on their blog-:

A picture containing drawing

Description automatically generated

The Cyble Research Team has verified and reported this data leak. The data leak includes the financial and highly sensitive corporate operational documents of the company such as transfer of contracts, customer order forms, monthly invoices, company’s equipment inspection documents, and many more. Below is the snapshot of the list of few files being leaked from the large lot-:

A screenshot of a cell phone

Description automatically generated
A picture containing screenshot

Description automatically generated

This is just a small picture of the Ako ransomware operations. Along with that, Cyble’s researchers verified and reported the names of five more victims who fell into their trap. The names of the remaining victims are listed below-:

About Cyble:

Cyble Inc.’s mission is to provide organizations with a real-time view of their supply chain cyber threats and risks. Their SaaS-based solution powered by machine learning and human analysis provides organizations’ insights to cyber threats introduced by suppliers and enables them to respond to them faster and more efficiently.

Cyble strives to be a reliable partner/facilitator to its clients allowing them with unprecedented security scoring of suppliers through cyber intelligence sourced from open and closed channels such as OSINT, the dark web, and deep web monitoring and passive scanning of internet presence. Furthermore, the intelligence clubbed with machine learning capabilities fused with human analysis also allows clients to gain real-time cyber threat intel and help build better and stronger resilience to cyber breaches and hacks. Due to the nature of the collected data, the company also offer threat intelligence capabilities out-of-box to their subscribers.

Leave a Comment

Your email address will not be published.

%d bloggers like this: