Ransomware Group

Dunghill Leak

Also known as: Dunghill, Dark Angels

Status: active • First seen 2023-0430+ known victims

Dunghill steals absolutely massive amounts of data from big companies, sometimes tens of terabytes. They demand some of the largest ransoms ever seen, often tens of millions of dollars.

Overview

Dunghill Leak is associated with the Dark Angels ransomware operation and is known for massive data theft operations, including one of the largest data thefts in history with 27TB stolen.

Target Industries

Technology, Manufacturing, Conglomerates, Critical Infrastructure

How They Attack

  • Massive data exfiltration
  • Single victim focus
  • Double extortion
  • Long dwell time

Notable Victims

Johnson Controls (2023) - 27TB stolen, Fortune 500 companies

Is your business exposed?

How to Protect Against Dunghill Leak

  1. 1.

    Implement data loss prevention (DLP) monitoring

  2. 2.

    Monitor for large file transfers to unknown destinations

  3. 3.

    Segment sensitive data networks

MITRE ATT&CK Techniques

T1567, T1486, T1041, T1071

Is your business exposed?

Check if your company data is circulating on the dark web

Free scan • No credit card required

Privacy PolicyYour Privacy Choices