Foodservice Supplies Firm Edward Don Suffered Ransomware Attack

Another victim of a ransomware attack has surfaced online. The latest report comes from a US-based foodservice supplier, Edward Don, who faced service disruptions following the ransomware attack.

Edward Don Suffered Ransomware Attack

Reportedly, Edward Don – a food service supplies and equipment firm in the US – fell prey to a ransomware attack. The firm is among the largest suppliers of kitchen supplies, dinnerware, glassware, disposables, and other restaurant and food service-related equipment.

According to Bleeping Computer, the firm hasn’t yet disclosed the incident officially. Nonetheless, the incident ultimately caught their attention following a service outage.

Specifically, the service may have suffered the attack a week ago. The incident led to service disruptions affecting its network, emails, and phone systems. Eventually, their staff had to switch to Gmail accounts to resolve customer queries.

Whereas, its employees confirmed that the service isn’t taking any orders for now.

Qbot Trojan Suspected

Since Edward Don hasn’t revealed any details officially, not much about the incident is yet known.

However, according to Vitali Kremez of Advanced Intel, the firm had probably fallen prey to Qbot trojan.

But that would surely not be a singular culprit since Qbot malware often partners with advanced ransomware gangs like REvil. It facilitates the latter by providing remote access to the target network. Hence, ransomware finds it easy to spread laterally, steal data, and encrypt files.

Qbot has reappeared online numerous times, bringing up more malicious capabilities every time. Their most recent victim appears to be the Japanese photography giant FUJIFILM that went down following the ransomware attack. While FUJIFILM clearly confirmed the ransomware involvements, details about how the incident took place remained unclear.

Ransomware attacks have recently jolted up the US, in particular, with some devastating attacks.

Two noteworthy incidents include the attacks on Colonial Pipeline and JBS Foods. These incidents specifically triggered serious actions from law enforcement, eventually leading to the shutdown of DarkSide ransomware.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients