The ransomware group known as Dire Wolf has allegedly added a host of new victims to its dark web leak site, claiming responsibility for cyberattacks against an international list of companies. The victims include Wine Works Australia, Dynacast, Bolt Nut Manufacturing, Aroeira Salles Advogados, and Taiwan Toyo International Instrument Co., Ltd. These organizations span various critical industries, including legal services, manufacturing, and logistics, indicating a wide-ranging campaign by the threat actors. The group has listed companies originating from Australia, Taiwan, the United States, the United Kingdom, and Brazil.
Among the victims, the Brazilian law firm Aroeira Salles Advogados appears to be the most severely impacted, with the group claiming to have exfiltrated 460 GB of highly sensitive information. The list of compromised organizations and the data allegedly stolen is extensive:
- 🇧🇷 Aroeira Salles Advogados: A law firm based in Brazil. The data allegedly includes legal documents, customer information, claims history, confidentiality agreements, and court documents.
- 🇺🇸 Dynacast: An industrial machinery company from the United States. The leak allegedly contains financial and sales data.
- 🇬🇧 Bolt Nut Manufacturing: A building materials manufacturer from the United Kingdom. The attackers claim to possess financial data, sales data, project drawings, and customer information.
- 🇦🇺 Wine Works Australia: A freight and logistics services company from Australia. The allegedly stolen data includes financial records, sales data, and customer information.
- 🇹🇼 Taiwan Toyo International Instrument Co., Ltd. (台灣東洋國際儀表股份有限公司): A machinery company based in Taiwan. The group claims to have exfiltrated financial and sales data.
Dire Wolf is employing a double-extortion tactic by not only encrypting the victims’ files but also threatening to publicly release the exfiltrated data. The group has set a deadline of September 10, 2025, to publish all the documents if their ransom demands are not met. This strategy is designed to increase pressure on the compromised companies to negotiate a payment to prevent the exposure of confidential corporate and client information.
