Elematec Corporation Suffers Ransomware Attack by Devman Hacking Group

• Devman hacking group strikes Elementec Corporation in a major cybersecurity breach.
• The ransomware attack exposes the Toyota Tsusho subsidiary to severe risks due to data exposure.
• Compromised data could include sensitive customer records, proprietary designs, and financial information.

Elematec Corporation, a prominent Japanese electronics and industrial materials supplier and a subsidiary of Toyota Tsusho, has been hit by a significant ransomware attack attributed to the Devman threat actor. 

In a bold claim, the Devman hacking group has demanded a ransom of $10 million for yet another ransomware attack targeting major players in the manufacturing and supply chain industries.

The alleged cybersecurity breach could expose highly sensitive company data, including proprietary designs, customer records, and confidential financial information. 

Such a cybersecurity incident not only risks severe operational disruptions but also poses reputational damage and potential regulatory actions—serious threats in an industry where reliability and trust are critical.

The Devman hacking group’s $10 million ransom demand, positioned as “only” relative to the scale of compromise, could be a tactical effort to pressure Elematec Corporation into compliance. 

Devman recently transitioned from an affiliate-focused model to independent operations, leveraging various RaaS affiliations, including Qilin, RansomHub, and DragonForce. The groups’ custom encryptors and increased lateral movement speed pose a growing risk.

This attack follows a concerning trend where ransomware groups are increasingly exploiting vulnerabilities in the manufacturing and supply chain sectors, threatening business continuity and global distribution networks.

In such cases, cybersecurity analysts typically advise organizations in the manufacturing and supply chain sectors to enhance their defenses against ransomware attacks. 

Reports this weekend stated that China Harbour Engineering Company was targeted by the threat actor, with a ransom demand of $450,000. In April, Qilin and Devman took credit for the purported Feel Four breach.