Automotive Group Hit in Ransomware Attack

October 18, 2021


A U.S.-based automotive group of dealerships fell victim to a new ransomware attack group threatening to drop 200 GB of exfiltrated data unless the group pays $400,000.
The attack is a variant of ransomware called Colossus that affects machines running Microsoft Windows operating systems, according to a report by the ZeroFox Threat Intelligence team. The sample has features including binary packing via Themida and sandbox evasion capabilities. The ransomware has a support website for setting up communications with victims, which most likely launched September 20.

Incident Date

September 20, 2021

Estimated Cost


Type of Malware

Threat Source

No threat source identified