The Warlock ransomware group has allegedly added a new list of international companies to its data leak site, claiming to have successfully breached their networks and exfiltrated sensitive data. The victims span various industries, from high-tech manufacturing and shipbuilding to medical supplies and IT consulting. The threat actors have posted the company names on their dark web portal, indicating timers for the public release of the allegedly stolen data, a common tactic used in double-extortion ransomware attacks.
The list of victims allegedly targeted by the Warlock group includes several notable organizations from around the globe. The gang claims to have exfiltrated “all data” from most of these companies, posing a significant threat to their operations, intellectual property, and customer information. The targeted entities are:
- 🇺🇸 Hitachi High-Tech America, Inc.: The American subsidiary of the Japanese giant Hitachi, specializing in scientific instruments, semiconductor manufacturing equipment, and industrial solutions.
- 🇹🇷 Medkar: A Turkish company focused on providing medical products and services, particularly for cardiovascular surgery.
- 🇺🇸 ELS Surveying & Mapping: A Florida-based land surveying and mapping firm that serves the construction and real estate sectors.
- 🇺🇸 Webville: An American web design and internet services company.
- 🇺🇸 / 🇺🇦 SSA Group: An international IT consulting and software development company with a major presence in the United States and Eastern Europe.
- 🇳🇱 Ferus Smit Shipyards: A Dutch shipbuilding company known for constructing specialized sea-going vessels, with facilities in the Netherlands and Germany.
- 🇹🇼 Chroma ATE Inc.: A major Taiwanese supplier of precision test and measurement instruments and automated test systems for various tech industries.
