Nova ransomware targeted LTI Services (ltiservices.com) and Larick Towing Inc. (laricktowing.com) in the US, claiming to encrypt and threaten to leak database material while offering free decryption of two files as proof, with the warning that only databases—not source code—will be exposed. The attackers stated the sites were seized and demanded a response within 11 days, threatening no recovery after the deadline. #UnitedStates
Incident Details
- Victim: LTI Services and Larick Towing
- Sector: Transportation/Logistics
- Country: US
- Actor: nova
- Source: http://novadmrkp4vbk2padk5t6pbxolndceuc7hrcq4mjaoyed6nxsqiuzyyd.onion/lti-services-and-larick-towing
- Discovered: 2026-05-30T12:53:13.518588+00:00
- Published: 2026-05-30T00:00:00+00:00
Information
- LTI Services is a leading customization and accessory shop for the heavy-duty trucking industry, offering customizations, repairs, aftermarket parts, collision repair, custom fabrication, and electrical repairs for major truck brands.
- The company emphasizes quality parts, accessories, transparency, and close collaboration with customers to help bring design visions to life.
- Larick Towing Inc. is a family-owned business operating since 1978, providing nationwide vehicle transportation, pick-up and delivery services, shipping to ports and terminals, and transport for individuals, auto dealers, auctions, and dealer swaps.
- The company is recognized for its customer-focused approach and commitment to quality service.
- Nova offered to decrypt two files for free as proof, stated that only databases would be leaked rather than source code, and warned of a limited 11-day window to respond before recovery would no longer be possible.
- Both websites were reportedly seized.
Disclaimer: This post is based on public claims made by the ransomware group "nova". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.