Ransomware gang NoEscape claims to have struck a chain of furniture stores. The group claims to have stolen 130GB of data from the Glamorgan-based Leekes.
The company was posted to the gang’s victim blog on 17 September, with NoEscape threatening to post an “update” today. It is unknown whether a ransom demand has been made, or if the company is co-operating with the hackers.
Screengrabs of the post circulating throughout the online community show the acronym DDoS in the bottom left of the post, hinting that one of the weapons of choice for this particular attack could have been a distributed denial of service attack (DDoS), which overwhelms a website with too many requests for it to handle.
Leekes sells furniture and other homeware and operates six stores in Wales and the West of England. Tech Monitor has contacted the company for comment on the incident but has yet to hear back at the time of writing.
NoEscape from determined hackers
NoEscape is a ransomware gang that practices double extortion techniques to pressure its victims into paying. This means the gang will encrypt an organisation’s network infrastructure with ransomware, but only after it has stolen sensitive data. It will then offer the victim company the decryption key for a price, while also threatening to release the stolen information onto the dark web if they refuse to pay.
The gang’s recent victims include the German Federal Bar Association, which represents 166,000 lawyers. It reportedly discovered the attack on 2 August, stating that: “The Brussels office… fell victim to a criminal cyberattack, which led to a failure of the IT systems.” Once discovered, “all network connections were immediately severed”.
The gang also made headlines in June for attacking the Hawaii Community College in Hawaii, with the college paying the ransom demand to to get its data back. “After determining that the compromised data most likely contained personal information of approximately 28,000 individuals, the University of Hawaii made the difficult decision to negotiate with the threat actors in order to protect the individuals whose sensitive information might have been compromised,” the school said at the time.