RansomHub claims responsibility for Farmacia AL SHEFA cyberattack


RansomHub, a ransomware group known for its cyberextortion tactics, has reportedly claimed responsibility for the Farmacia AL SHEFA cyberattack, adding the pharmacy to its list of victims. The group announced a publication on its dark web channel, highlighting its cyberattack against Farmacia AL SHEFA.

Farmacia AL SHEFA, with over two decades of experience providing quality pharmaceutical services, found itself in the crosshairs of cybercriminals despite its commitment to patient health and professional standards.

Decoding the Farmacia AL SHEFA cyberattack

The threat actor’s message on the Dark Web channel detailed crucial information regarding the attack, including a countdown indicating that the data stolen from cyber attack would be made public after a specified duration of 856 hours, 42 minutes and 58 seconds, or approximately 35 days.

Cyber ​​attack on Farmacia AL SHEFA
Source: FalconFeeds on

The Cyber ​​Express, after learning of this cyberattack against Farmacia AL SHEFA, contacted the organization. However, at the time of writing, no official statement or response has been released by Farmacia AL SHEFA, leaving the claims regarding the cyberattack unverified.

Despite the lack of immediate visible impact on the Farmacia AL SHEFA website, which appears to be operational, it is assumed that the cybercriminals targeted the backend systems rather than launching a front-end attack such as DDoS or defacement, a tactic commonly used by ransomware groups to extort victims.

Who is the RansomHub Ransomware group?

According to the findings of the The iZOOlogic research team, RansomHub has become a popular player in the cybercrime space. The group’s mode of operation and objectives were explained through their publication on the dark web, revealing their status as a financially motivated group. piracy collective with members spread across different countries. The group has notably explicitly declared its non-targeting policy towards certain countries and organizations, including Cuba, North Korea, China, Romania and the CIS.

In addition to outlining its operational guidelines, RansomHub highlighted its commitment to ensuring compliance with negotiated agreements and rapidly providing decryptors as soon as possible. ransom payment. The group’s strict rules include banning affiliates who violate agreements and prohibiting targeting nonprofit organizations.

Additionally, RansomHub commits to responding to victims who pay ransom within 48 hours to remedy any violations of their rules by its affiliates. Despite its selective targeting and operational guidelines, RansomHub poses a significant threat to organizations around the world, with its recent cyberattack on Farmacia AL SHEFA highlighting the ever-increasing threat of Ransomware groups.

Media Disclaimer: This report is based on internal and external research obtained through various means. The information provided is for reference purposes only and users take full responsibility for their reliance on it. The Cyber ​​Express assumes no responsibility for the accuracy or consequences of the use of this information.

Leave a comment