Shora Advisory, a network of accounting, consulting, and auditing firms based in Morocco, has allegedly been compromised by the Tengu ransomware group. The attackers have posted a countdown timer, threatening to publish 23.5GB of the firm’s data once it expires. Published chat logs reveal a desperate negotiation where a representative for the firm pleaded for leniency, citing severe financial hardship. Despite these appeals, the Tengu group has refused to provide a decryptor without a Bitcoin payment and intends to leak the files to the public and media agencies.
According to the actor and screenshots of the staging directory, the allegedly compromised 23.5GB of data includes:
-
Client project and advisory folders (including named entities such as FERTITECH and ANDZOA)
-
Auditing and compliance files
-
Internal company network data
Daily Dark WebRead More
R1
T1
