The REvil ransomware operators target Leader Creek Fisheries and Alaska General Seafood, two well-known seafood companies. In this instance, they struck and downloaded their sensitive and highly confidential documents from the company’s database.
Founded in the year 1999, Leader Creek Fisheries is a producer of wild Alaskan sockeye salmon products in Naknek, AK. Their all-refrigerated fishing fleet was the first of its kind in Bristol Bay and will forever be one of the cornerstones of our quality-focused operation. They specialize in producing premium fresh-frozen, boneless fillets, and every summer they invite approximately 400 highly motivated, hard-working men and women from across the country to come work at their shoreside plant and be a part of the Leader Creek family. Whereas, Alaska General Seafoods (AGS) is a socially responsible seafood processing company that purchases fresh seafood from independent fishermen, who harvest their wild catch from sustainable fisheries in a responsible manner from the cold pristine waters of Alaska. AGS produces canned, fresh, and frozen seafood and sells to wholesale customers around the world. Their seafood products are manufactured in processing facilities that are certified at the highest levels, by both state and federal regulators and independent food inspection agencies, to ensure our seafood products are wholesome and of high quality.
The Cyble Research Team has noticed multiple folders, which seems to consist of sensitive and corporate operational data being posted by the REvil ransomware operators.
Below is the snapshot of list of folders being leaked by the REvil ransomware operators-:
It seems that if the company does not comply with the terms of the ransomware operators then they might leak a total of 100 GB of company’s sensitive files online.
We recommend people to:
- Never share personal information, including financial information over the phone, email or SMSs
- Use strong passwords and enforce multi-factor authentication where possible
- Regularly monitor your financial transaction, if you notice any suspicious transaction, contact your bank immediately.
- Turn-on automatic software update feature on your computer, mobile and other connected devices where possible and pragmatic
- Use a reputed anti-virus and internet security software package on your connected devices including PC, Laptop, Mobile
People who are concerned about their exposure in darkweb can register at AmiBreached.com to ascertain their exposure.
Cyble is a US-based cyber threat intelligence company with the express mission to provide organizations with real-time views of their supply chain cyber threats and risks.