SARCOMAsarcoma

Sarcoma is a ransomware group that emerged in October 2024 and has been actively targeting various organizations. Sarcoma's attack methods include phishing campaigns, exploiting n-day vulnerabilities, and supply chain attacks. Once inside a network, they use RDP exploitation, lateral movement, and data exfiltration tactics. Sarcoma has claimed responsibility for attacks against Unimicron, a PCB manufacturer, Kelowna Springs Golf Club, Popular Life Insurance, CP Construplan, ADT Freight Services Australia, Micon National. These attacks have resulted in data exfiltration, with Sarcoma threatening to leak or having already leaked stolen data. Specifically, Sarcoma has exfiltrated 377 GB of SQL files and sensitive documents from Unimicron, 3.8 GB of data from Kelowna Springs, 36 GB of data from Popular Life Insurance, 2 GB of data from ADT Freight Services Australia, and 34 GB of data from Micon National. The group is known for its aggressive tactics against industrial organizations.