Skip to content
Ransomware News

Ransomware [CACTUS] – Group Hits: thomas-lloyd[.]com

HookPhish team

The Infamous Ransomware [CACTUS] – Group Hits: thomas-lloyd[.]com in a recent cyber attack, raising concerns about cybersecurity vulnerabilities. To stay ahead of emerging threats, fortify your online security with the HookPhish Dark Web Monitoring platform. Explore HookPhish Dark Web Monitoring.

image

Ransomware Group: CACTUS

VICTIM NAME: thomas-lloyd[.]com


Summary of the Ransomware Leak Page

The ransomware leak page pertains to a breach involving ThomasLloyd, a global investment and advisory firm focusing on sustainable projects in various sectors, including infrastructure, agriculture, and property. The total revenue of the firm is reported to be $66.1 million, highlighting its significance within the finance industry.

The content of the leak includes a substantial amount of data, estimated at 2.4 TB. It features various types of sensitive information such as personal identifiable information, corporate confidential documents, financial records, and database backups. The page suggests the presence of external links for data retrieval, although download links are currently noted as absent. Additionally, the page contains six images, which likely document aspects of the leaked data or internal communications.

  • Victim Name: ThomasLloyd
  • Industry: Finance
  • Country: USA
  • Data Volume: Approximately 2.4 TB
  • Revenue: $66.1 Million

Cactus Ransomware Group

The ‘Cactus’ ransomware group has emerged as a significant threat, utilizing various tactics to compromise enterprise networks and deploy ransomware. The group has been observed targeting VPN appliances for initial access and exploiting known vulnerabilities to gain a foothold in victims’ environments. Cactus has also been known to abuse legitimate remote monitoring and management (RMM) tools to achieve persistence on compromised systems.

Citations:

Disclaimer: HookPhish does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any files or stolen information. Any legal concerns regarding the content should be directed at the attackers, not HookPhish. This blog is dedicated to posting editorial news, alerting readers about companies falling victim to ransomware attacks. HookPhish has no affiliation with ransomware threat actors or groups, and it does not host infringing content. The information on this page is automatically generated and redacted, sourced directly from the Onion Dark Web Tor Blogs pages.

Related articles

Security training designed for people.

See how HookPhish turns phishing simulation, training and threat monitoring into measurable human-risk reduction.

Book a demo Explore solutions