Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Ransomhub Targets Industrial Control Systems

May 23, 2024
Reading Time: 3 mins read
in Alerts
Ransomhub Targets Industrial Control Systems

Ransomhub, a recently emerged ransomware group, has launched a targeted attack on the Supervisory Control and Data Acquisition (SCADA) system of Matadero de Gijón, a Spanish bioenergy plant. This attack underscores the severe vulnerabilities present in Industrial Control Systems (ICS) and the urgent need for enhanced security measures to protect these critical infrastructures. Since 2022, cyberattacks on ICS have disrupted operations across various industries, emphasizing the critical nature of these systems.

Ransomhub claims to have gained unauthorized access to the plant’s SCADA system, controlling essential processes like the Digester and Heating systems. The group provided screenshots as proof of their infiltration, though the exact extent of the data breach remains unclear, with estimates ranging from 15 GB to 400 GB. Ransomhub, a Ransomware-as-a-Service (RaaS) operation, uses advanced cryptographic techniques, including asymmetric cryptography (x25519) and symmetric algorithms (aes256, chacha20, and xchacha20), to encrypt victim data rapidly.

The group has excluded attacks on CIS countries, Cuba, North Korea, and China, suggesting potential pro-Russian affiliations. Since their debut in February 2024, Ransomhub has claimed responsibility for 68 attacks, mainly targeting the IT and ITES sectors and organizations in the United States. They have been attempting to expand their reach by recruiting affiliates from other ransomware groups, though with limited success.

Security experts warn that Ransomhub’s use of stolen credentials from Initial Access Brokers to target SCADA systems with connected Virtual Network Computing (VNC) devices signals a growing interest in ICS environments among ransomware groups. This trend necessitates a critical reassessment of cybersecurity strategies to protect these vital infrastructures from future attacks. As ransomware groups continue to evolve, the threat to Operational Technology (OT) environments is expected to increase.

Reference:

  • Ransomhub Group Targets Supervisory Control and Data Acquisition System

Tags: ChinaCryptographicCubaCyber AlertCyber Alerts 2024Cyber RiskCyber threatMay 2024North KoreaRansomHubScadaSpainThreat Actors
ADVERTISEMENT

Related Posts

OneDrive Flaw Gives Sites Full Data Access

OneDrive Flaw Gives Sites Full Data Access

May 30, 2025
OneDrive Flaw Gives Sites Full Data Access

Fake AI Apps Drop Ransomware And Malware

May 30, 2025
OneDrive Flaw Gives Sites Full Data Access

EDDIESTEALER Uses Fake CAPTCHAs for Stealing

May 30, 2025
APT41 Uses Google Calendar For C2 Operations

APT41 Uses Google Calendar For C2 Operations

May 29, 2025
APT41 Uses Google Calendar For C2 Operations

New PumaBot IoT Botnet Uses SSH Attack

May 29, 2025
APT41 Uses Google Calendar For C2 Operations

New NodeSnake RAT Hits UK Universities

May 29, 2025

Latest Alerts

EDDIESTEALER Uses Fake CAPTCHAs for Stealing

Fake AI Apps Drop Ransomware And Malware

OneDrive Flaw Gives Sites Full Data Access

New PumaBot IoT Botnet Uses SSH Attack

APT41 Uses Google Calendar For C2 Operations

New NodeSnake RAT Hits UK Universities

Subscribe to our newsletter

    Latest Incidents

    State Actors Hit ConnectWise ScreenConnect

    Ivanti Flaw Hits NHS Staff and Patient Data

    Amalgamated Sugar Data Breach Exposes SSNs

    Cork Protocol Paused After $12M Exploit

    Victoria’s Secret Site Down After Breach

    LexisNexis GitHub Breach Affects 364K People

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial