Metaval is an Australia-based global mechanical engineering and manufacturing firm that services the industrial sector with heavy-duty industrial equipment, precision-engineered components and more. With a footprint in the UAE, India, and Australia, it works with critical infrastructure sectors globally.
The company was listed on the dark web leak site of the INC Ransom threat group over the weekend, which claimed that 80 gigabytes of data had been stolen in the alleged cyber attack. The group also claims that the data will be published in just over one day at the time of writing.
Data reportedly includes contracts, financial data, confidential data, customer data, incident data and HR data; however, the threat actor provided no proof of the incident.
Cyber Daily has reached out to Metaval for more information.
Who is INC Ransom?
INC Ransom was first observed in August 2023 and has claimed 804 victims since then. The group has risen in recent weeks from the fifth-most active ransomware actor on the planet to the number four ranking, suggesting a surge in activity.
The group is a ransomware-as-a-service operation, offering its ransomware expertise to affiliates in return for a cut of any profits.
The group has been observed using spear-phishing tactics to gain initial access and double-extortion techniques to pressure its victims, meaning it exfiltrates data from a victim’s network before encrypting it in place.
The victim must then pay a ransom not only to recover the data encrypted on its own systems but also to ensure that it is not published to the darknet or sold to another threat actor.
Earlier this month, the group claimed a cyber incident on Melbourne-based Earth Systems, an environmental management firm. INC Ransom claimed to have stolen 600 gigabytes of data.
Want to see more stories from trusted news sources?Make Cyber Daily a preferred news source on Google.
