Stormous ransomware gang takes credit for attack on Belgian brewer Duvel

Avatar

The Stormous ransomware gang has taken credit for an attack on a major Belgian beer producer this week.

The ransomware attack on Duvel Moortgat Brewery has affected operations for days. Local news outlets and BleepingComputer reported on Wednesday that Duvel’s IT department detected the attack and shut down production lines.

Spokesperson Ellen Aerts told reporters that they are “still working to find out exactly what happened.

“We have decided to switch off our servers and as a result production is at a standstill at all our Belgian sites and at our site in the United States,” she said. “We are confident that we will be able to restart production soon. In the meantime, there is enough stock, so Duvel drinkers don’t have to worry.”

The company was added to Stormous’ leak site on Thursday, with the group claiming to have stolen 88 gigabytes of data from Duvel. The gang gave the brewer a deadline of March 25 to pay the ransom.

The company did not respond to requests for comment about the situation.

The incident comes amid growing interest in Stormous ransomware following their announced alliance with GhostSec, a financially-motivated hacking group conducting single- and double-extortion attacks that has ramped up its activity over the last year, according to Cisco Talos.

Researchers published a report this week about the alliance between the two groups, finding that they are “operating together to conduct… double extortion attacks” on victims in Cuba, Argentina, Poland, China, Lebanon, Israel, Uzbekistan, India, South Africa, Brazil, Morocco, Qatar, Turkey, Egypt, Vietnam, Thailand and Indonesia.

GhostSec has also been active on its Telegram channel in highlighting its attacks on Israel’s Industrial systems, critical infrastructure and technology companies.

In recent months the group has claimed to be part of an alliance called the “Five Families” — which includes the hacking groups ThreatSec, Stormous, Blackforums and SiegedSec.

“Their claims also showed us that their primary focus is raising funds for hacktivists and threat actors through their cybercriminal activities,” Cisco researchers said.

GhostSec began to collaborate with the Stormous ransomware gang in July 2023 in several alleged attacks on government organizations in Cuba. By October, the two groups announced a partnership and GhostSec unveiled a new ransomware-as-a-service operation called GhostLocker.

Since then, the groups have collaborated on several attacks while evolving their offerings to include methods for independent hackers to use their platform to simply sell or publish stolen data.

NewsCybercrime
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Leave a Reply

Your email address will not be published. Required fields are marked *

Previous Post

Play ransomware leaked 65,000 Swiss government documents, investigation finds

Next Post

Iran-linked ‘Lord Nemesis’ group appears intent on intimidating Israeli organizations, report says

Related Posts

New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics

A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it's likely associated with the North Korean state-sponsored group tracked as Kimsuky. "The malware payloads used in the DEEP#GOSU represent a
Avatar
Read More

What is Nudge Security and How Does it Work?

In today’s highly distributed workplace, every employee has the ability to act as their own CIO, adopting new cloud and SaaS technologies whenever and wherever they need. While this has been a critical boon to productivity and innovation in the digital enterprise, it has upended traditional approaches to IT security and governance. Nudge Security is the world’s first and only solution to address
Omega Balla
Read More