LockBit5 has claimed a ransomware incident against merlo.de, threatening data exfiltration and ransom demands tied to Merlo Teleskoplader products and related services. The message casts Merlo Teleskoplader as a professional asset for professionals, using the ‘von Profis für Profis’ framing and promising specialized support for every deployment #Germany
Category: Ransom Monitor
LockBit5 claims to have compromised heinrichs-logistic.de, targeting D. Heinrichs Logistic GmbH, a leading logistics service provider based in Bremerhaven. The group threatens to leak stolen data unless a ransom is paid #Germany
An alleged ransomware claim centers on bladex.com in Panama, naming LockBit 5 as the threat actor and Bladex as the victim. The claim describes Bladex as a multinational bank originally established by the central banks of Latin America and the Caribbean, potentially exposing data or disrupting operations #Panama
The ransomware claim targets Suzhou Yike Kejian Architectural Design Research Institute Co., Ltd. (Nanjing Branch), a Chinese architectural design and research firm in the Residential Building Construction sector, with the threat actor identified as thegentlemen. It operates as a branch of its Suzhou-based parent and serves the Yangtze River Delta, indicating the attack may target regional design institutes in Jiangsu.
#China
Lawson Software (Thailand) Co., Ltd., a Bangkok-based IT consulting firm, reports a ransomware claim attributed to the threat actor thegentlemen. The claim describes encryption of internal systems and potential data exposure affecting its operations in Thailand. #Thailand
Thegentlemen claim to have breached Coralina, the Colombian government environmental authority responsible for managing the San Andrés, Providencia and Santa Catalina archipelago, and are demanding a ransom to prevent the release of data. The claim identifies CO (Colombia) as the impacted country and warns of further action if the ransom is not paid #Colombia
thegentlemen claim a ransomware operation against EEC Group (Engineering Enterprises for Civil & Steel Constructions S.A.E.), an Egyptian engineering and construction conglomerate. The claim describes encryption with potential data exfiltration against the Cairo-based organization. #Egypt
O grupo de ransomware LockBit5 reivindica ter atacado a ERS Transportes (erstransportes.com.br), uma empresa brasileira. Segundo a reivindicação, a ERS Transportes iniciou suas atividades em 2003, transportando cargas em equipamentos porta-contêineres #Brazil
LockBit5 claims to have breached bardehle.com, a Germany-based intellectual property law firm, as part of a ransomware operation. The claim alleges exfiltration of confidential patent litigation documents and other sensitive firm data, underscoring the actor’s focus on a high-profile German law firm. #Germany
A ransomware claim alleges that the threat actor LockBit5 targeted PT Murni Solusindo Nusantara (murni.co.id), an ICT-based solutions provider with ISO 9001:2015 certification. The claim describes data encryption and potential extortion connected to the incident, with Indonesia identified as the impacted country #Indonesia
LockBit5 ha rivendicato un attacco ransomware contro studiopiu.net, descrivendolo come un’operazione mirata in Italia, situata di fronte al Lago di Garda, a Desenzano, dove batte uno dei cuori storici della radiofonia dance italiana. L’episodio mette in luce una minaccia crescente per i media italiani e la scena radiofonica digitale #Italy
A ransomware claim targets KEMBA Indianapolis Credit Union in the United States, attributed to the threat actor qilin. Further details about the incident are not available (N/A). #UnitedStates
Qilin claims to have breached Leistritz Turbine Technology, exfiltrating data and demanding a ransom. The claim identifies Germany as the operation’s location but provides no further details (N/A) about the attack. #Germany
The lapsus$ claim alleges a breach of CHECKMARX in Israel, involving exfiltration of source code, an employee database, API keys, and MongoDB/MySQL credentials. The incident underscores exposure of internal assets and credential theft consistent with lapsus$’s known tactics #Israel
The ransomware claim concerns Cahbo Produkter in Sweden, attributed to the threat actor qilin. Beyond the N/A designation, no further details about the variant or impact are available at this time #Sweden