Cyber Incident Victim: Pluriservice

On June 3, 2023, the cybercriminal group DarkRace claimed responsibility for a ransomware attack targeting the Italian logistics company CONATECO (Consorzio Napoletano Terminal Containers) through a post on their darknet Data Leak Site. The attackers asserted they had exfiltrated 46GB of sensitive data from CONATECO's IT infrastructure prior to deploying ransomware encryption. DarkRace's announcement included a detailed description of the victim organization, identifying it as Naples' largest container terminal operator and Italy's fourth-largest port facility, founded in 1995 and strategically positioned in Mediterranean shipping routes. The company's website became inaccessible following the attack, displaying a "Site under maintenance" message on its homepage and 404 errors on all subpages, indicating a complete takedown of its web presence.

DarkRace operated under a ransomware-as-a-service (RaaS) model, employing double extortion tactics by threatening to publish stolen data unless CONATECO paid a cryptocurrency ransom. The group's name bears similarity to cybersecurity firm Darktrace, though no operational connection exists between the legitimate company and the criminal enterprise. No public statement from CONATECO management regarding incident response actions, ransom payment status, or data restoration progress appeared in available reporting. Industry analysts emphasized the attack's potential operational disruption given CONATECO's role in international shipping logistics, though specific impacts on port operations or customer data exposure remained unconfirmed. The incident highlighted vulnerabilities in critical transport infrastructure security despite preventive measures recommended by experts, including network segmentation, privileged access controls, and offline backups. DarkRace's successful data exfiltration demonstrated sophisticated network penetration capabilities against a major Mediterranean logistics operator.