Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Ransomhub Targets Industrial Control Systems

May 23, 2024
Reading Time: 3 mins read
in Alerts
Ransomhub Targets Industrial Control Systems

Ransomhub, a recently emerged ransomware group, has launched a targeted attack on the Supervisory Control and Data Acquisition (SCADA) system of Matadero de Gijón, a Spanish bioenergy plant. This attack underscores the severe vulnerabilities present in Industrial Control Systems (ICS) and the urgent need for enhanced security measures to protect these critical infrastructures. Since 2022, cyberattacks on ICS have disrupted operations across various industries, emphasizing the critical nature of these systems.

Ransomhub claims to have gained unauthorized access to the plant’s SCADA system, controlling essential processes like the Digester and Heating systems. The group provided screenshots as proof of their infiltration, though the exact extent of the data breach remains unclear, with estimates ranging from 15 GB to 400 GB. Ransomhub, a Ransomware-as-a-Service (RaaS) operation, uses advanced cryptographic techniques, including asymmetric cryptography (x25519) and symmetric algorithms (aes256, chacha20, and xchacha20), to encrypt victim data rapidly.

The group has excluded attacks on CIS countries, Cuba, North Korea, and China, suggesting potential pro-Russian affiliations. Since their debut in February 2024, Ransomhub has claimed responsibility for 68 attacks, mainly targeting the IT and ITES sectors and organizations in the United States. They have been attempting to expand their reach by recruiting affiliates from other ransomware groups, though with limited success.

Security experts warn that Ransomhub’s use of stolen credentials from Initial Access Brokers to target SCADA systems with connected Virtual Network Computing (VNC) devices signals a growing interest in ICS environments among ransomware groups. This trend necessitates a critical reassessment of cybersecurity strategies to protect these vital infrastructures from future attacks. As ransomware groups continue to evolve, the threat to Operational Technology (OT) environments is expected to increase.

Reference:

  • Ransomhub Group Targets Supervisory Control and Data Acquisition System

Tags: ChinaCryptographicCubaCyber AlertCyber Alerts 2024Cyber RiskCyber threatMay 2024North KoreaRansomHubScadaSpainThreat Actors
ADVERTISEMENT

Related Posts

Lumma Stealer Returns with New Tactics

npm Phishing Emails Target Developer Logins

July 23, 2025
Lumma Stealer Returns with New Tactics

Lumma Stealer Returns with New Tactics

July 23, 2025
Lumma Stealer Returns with New Tactics

MuddyWater Emerges Amid Iran-Israel Clash

July 23, 2025
3.5K Sites Hijacked to Secretly Mine Crypto

CrushFTP Warns of Exploit in the Wild

July 22, 2025
3.5K Sites Hijacked to Secretly Mine Crypto

3.5K Sites Hijacked to Secretly Mine Crypto

July 22, 2025
3.5K Sites Hijacked to Secretly Mine Crypto

7-Zip Flaw Lets Malicious Files Crash PCs

July 22, 2025

Latest Alerts

Lumma Stealer Returns with New Tactics

npm Phishing Emails Target Developer Logins

MuddyWater Emerges Amid Iran-Israel Clash

CrushFTP Warns of Exploit in the Wild

7-Zip Flaw Lets Malicious Files Crash PCs

3.5K Sites Hijacked to Secretly Mine Crypto

Subscribe to our newsletter

    Latest Incidents

    Weak Password Triggers Ransomware Old Firm

    US Nuclear Agency Breached in MS Hack

    European Healthcare Network Breached

    CoinDCX Says $44M Stolen from Reserves

    Poland Probes Air Traffic Control Issue

    Dior Alerts Customers After Cyberattack Hit

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial