iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The Sarcoma ransomware gang listed the Australian company on its darknet leak site, but the company says the data impacted is minimal.
The Sarcoma ransomware gang has claimed Australian office furniture supplier Micon Office National as a victim on its darknet leak site overnight.
According to the gang, it exfiltrated 34 gigabytes of data from the company and is threatening to publish the data within 11 days.
Sarcoma has not listed a ransom amount but does say it has various files, SQL databases, and emails from an Exchange server. The gang shared three documents as proof of the hack, a pair of invoices, and a medical letter belonging to an employee of Micon Office National.
Micon Office National has confirmed the attack, with a spokesperson for the company telling Cyber Daily it became aware of the incident on 4 November and that it likely occurred the day before.
“We informed our security software company who has passed it on,” the spokesperson said, adding that law enforcement is aware of the incident.
Staff have been informed of the incident; however, the spokesperson said, “no client files were affected as these are managed by a Sydney software company”.
Since its first observed activity in October 2024, Sarcoma has claimed a further five victims in the ANZ region, with around 40 victims worldwide. Those local victims are The Plastic Bag Company, Perfection Fresh, New Zealand-based Advanced Accounting, Road Distribution Services, and Meshworks.
Matt Green, principal threat analyst at Rapid7, said that Sarcoma’s activity places it within the top 10 most active ransomware operators for the month.
“Sarcoma employs a double-extortion strategy, combining ransomware encryption with data exfiltration to pressure organisations into paying ransoms,” Green told Cyber Daily.
“To date, Sarcoma has impacted nearly 40 organisations globally, with a concentration in the United States, Canada, Europe, and Australia. Multiple industries [were] targeted, including manufacturing and various service sectors.
“Rapid7 is actively monitoring Sarcoma’s activity. We strongly recommend that all organisations consider relationships around supplier access, credentials, and any third-party services.”
The gang certainly seems to prefer very low-profile targets. Micon Office National describes itself as “big enough to deliver but small enough to care”, and it services the Wollongong and Illawarra regions.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
