KraftHeinz Hacked by Snatch Ransomware Gang

Snatch Ransomware Claims Hacking KraftHeinz
It seems the season of ransomware attacks is currently in swing.

The global food and beverage company KraftHeinz became a target of an infamous Snatch ransomware gang. Hackers listed the company on its Darknet leak site. This is yet another hack of a food industry company throughout the last time.

KraftHeinz Hacked by Snatch Ransomware

On December 13th, the Snatch ransomware gang listed KraftHeinz on their Darknet site. Although the entry for KraftHeinz on the site dates back to August 16th, it was only updated on the announcement day. Notably, the entry lacked detailed information or file samples, typical for such breaches. However, the absence of data could imply that the attackers are waiting for negotiations or have other strategic reasons for withholding information.

Post about KraftHeinz on the Snatch leak site screenshot
Post about KraftHeinz on the Snatch leak site.

But what info can be found in KraftHeinz network? The company barely had any business with retail customers, with all the deals going to wholesale chains. Nothing critical or sensitive about folks, sure, but enough important information about corporations.

What can be a better gift to a stock trader than a pack of info regarding the co’s financial results days before its earnings report? What can be more valuable for other hackers than an info about weak spots in a company’s security from someone who has already breached it earlier? Frauds will make their money, this way or another – that is for sure.

Food Industry Under Ransomware Attacks

This attack on KraftHeinz is not an isolated incident. In fact, it represents the second major attack on a food producer by Snatch in just two months. As for KraftHeinz scale, the company employs around 40,000 people in over 40 countries and reported net sales of $26 billion in 2022. As a result, the breach threatens corporate security. It poses a risk to a vast array of popular brands under the Kraft Heinz umbrella, including Oscar Meyer, Velveeta, and Jell-O, among others.

Before KraftHeinz, Tyson Foods, another giant in the food sector, fell victim to Snatch in November. The attack pattern mirrored that of KraftHeinz, with limited information disclosed by the ransom operators. Such attacks have something in common and underline a worrying trend in the food industry following previous high-profile cyber attacks on companies like JBS USA, New Cooperative Inc., and Dole Foods.

Who is Behind the Attack?

Seemingly, Snatch, a ransomware group active since 2018, might not be as well-known as other cybercriminal groups. Nonetheless, its impact is increasingly being felt. The US Cybersecurity and Infrastructure Security Agency has warned about Snatch’s tactics, which include exploiting Remote Desktop Protocol vulnerabilities and spending extended periods on a victim’s network before launching an attack.

Snatch utilizes a Ransomware-as-a-Service model and is known for its double extortion tactics. The group’s approach to ransomware attacks is meticulous, often involving prolonged observation of the victim’s network. Over the last year, at least 95 organizations have fallen prey to Snatch, per monitoring tool. The group’s position is noble, and their manifesto promises victim notification and prioritizes negotiations, pledging not to disclose the exploited vulnerabilities beyond the victim.

KraftHeinz Hacked by Snatch Ransomware Gang

By Stephanie Adlam

I write about how to make your Internet browsing comfortable and safe. The modern digital world is worth being a part of, and I want to show you how to do it properly.

Leave a comment

Your email address will not be published. Required fields are marked *