Global Optics Provider Hit with Ransomware Attack and a $10M Ransom

Busiest Month for RansomwareGlobal optics manufacturer Hoya had business operations at its headquarters and several business divisions impacted and is now facing a “No Negotiation / No Discount Policy” $10 million ransom decision to make.

On March 29, Hoya, which employs over 37,000 people in 160 offices and 30 countries, was the target of a ransomware attack by an affiliate of the ransomware-as-a-service group “Hunters International."

The company minimally acknowledged the attack on their website, and later provided additional detail in a separate statement. Bleeping Computer obtained dark web proof of the ransom by Hunters International, alleging 1.7 million files being stolen, totaling 2TB of data:


Source: Bleepstatic

While the impact on ordering systems in production may be an indication that either a vulnerability exploit or a supply chain attack occurred to provide initial access, because 60% of the code used by Hunters International is identical to Hive, many believe this group to simply be a renamed version of Hive – which uses compromised credentials to gain access to VPNs and remote access solutions.

The gathering of credentials, of course, usually is sourced from phishing campaigns intent on credential harvesting to be sold on the dark web – an attack easily avoided by organizations who enroll their users in new-school security awareness training.

KnowBe4 empowers your workforce to make smarter security decisions every day. Over 65,000 organizations worldwide trust the KnowBe4 platform to strengthen their security culture and reduce human risk.

Free Ransomware Simulator Tool

Threat actors are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 24 ransomware infection scenarios and 1 cryptomining infection scenario and show you if a workstation is vulnerable.

RansIm-Monitor3Here's how it works:

  • 100% harmless simulation of real ransomware and cryptomining infections
  • Does not use any of your own files
  • Tests 25 types of infection scenarios
  • Just download the install and run it 
  • Results in a few minutes!

Get RanSim!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews