
Cyber Incident Victim: 株式会社 丸山製作所

Date: Feb 2022

Location: Japan

Summary

A Maruyama Manufacturing employee's computer was infected by Emotet malware, resulting in the theft of email data including internal and external contact names, email addresses, and message subjects. Attackers subsequently sent fraudulent emails impersonating company personnel. These emails carried malware-laden encrypted ZIP attachments that risked further infections or unauthorized access if opened. The compromised information led to widespread impersonation attempts targeting clients and partners. The company confirmed data exfiltration and urged recipients to verify that the sender's domain matches its official "@maruyama.co.jp" addresses. The organization initiated an investigation to prevent secondary damage and committed to strengthened cybersecurity measures following the incident.


Description

On February 8, 2022, Maruyama Manufacturing Co. discovered that an employee's computer within their corporate group had been infected with the Emotet malware. This infection resulted in the theft of email-related information, including email addresses, names, and subject lines belonging to both internal and external stakeholders. The compromised data was subsequently used by third parties to send fraudulent emails impersonating Maruyama employees to multiple recipients. The company confirmed these suspicious emails contained encrypted ZIP file attachments harboring malware, posing risks of further infections or unauthorized access if opened. Analysis revealed a key identifier of the fraudulent messages: discrepancies between the sender's displayed name and actual email address, with legitimate Maruyama communications exclusively using the "@maruyama.co.jp" domain.


Maruyama Manufacturing publicly acknowledged the incident on February 9, 2022, apologizing for the concern and inconvenience caused to customers, business partners, and affected individuals. They advised recipients to verify sender addresses, delete suspicious emails entirely if the domain differed from their official one, and avoid interacting with attachments or embedded links. The company initiated investigations to determine the full scope of the breach and prevent secondary damage or wider dissemination of malicious emails. While no specific remediation measures were detailed, Maruyama committed to strengthening information security protocols to prevent recurrence. They directed inquiries to their IT Planning Department and referenced the Japanese Information Processing Promotion Agency (IPA) for technical details about Emotet’s functionality, confirming reliance on external cybersecurity expertise for supplementary guidance.
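The two indicators described above (a display name that claims the company while the actual address is outside "@maruyama.co.jp", and an encrypted ZIP attachment) can be checked at a mail gateway or during triage. The following is an added example, not code from Maruyama or IPA; the function names, the staff_names list and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OFFICIAL_DOMAIN = "maruyama.co.jp"  # only legitimate sender domain, per the notice

def zip_is_encrypted(data: bytes) -> bool:
    """True if any ZIP member has general-purpose flag bit 0 (encrypted) set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(info.flag_bits & 0x1 for info in zf.infolist())
    except zipfile.BadZipFile:
        return False

def triage(raw: bytes, staff_names: frozenset = frozenset()) -> list:
    """Return findings for one raw message. staff_names is a hypothetical list
    of display names known to have been exposed (assumption, not from the page)."""
    msg = message_from_bytes(raw, policy=policy.default)
    hdr = msg["From"]
    if hdr is None or not hdr.addresses:
        return ["missing or unparseable From header"]
    sender = hdr.addresses[0]
    findings = []
    claims = OFFICIAL_DOMAIN in sender.display_name.lower() or sender.display_name in staff_names
    if claims and sender.domain.lower() != OFFICIAL_DOMAIN:  # exact match, no suffix tricks
        findings.append("display name claims company, address domain is " + sender.domain)
    for part in msg.iter_attachments():
        if zip_is_encrypted(part.get_payload(decode=True) or b""):
            findings.append("encrypted ZIP attachment: " + str(part.get_filename()))
    return findings

def constructed_sample(from_header: str, encrypted: bool) -> bytes:
    """Build a harmless test message (constructed data, not from the incident)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("note.txt", "placeholder")
    blob = bytearray(buf.getvalue())
    if encrypted:  # set flag bit 0 in the central directory header (offset 8)
        blob[blob.find(b"PK\x01\x02") + 8] |= 0x1
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = from_header, "user@example.org", "RE: quote"
    msg.set_content("see attachment")
    msg.add_attachment(bytes(blob), maintype="application", subtype="zip", filename="doc.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    spoof = constructed_sample('"Sample Employee sample@maruyama.co.jp" <x@example.net>', True)
    print(triage(spoof))
```

The display-name rule only fires when the name embeds the official domain or appears in staff_names, so it complements SPF/DKIM/DMARC evaluation and does not replace it.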
