Websites belonging to UAB Vičiūnų grupė, one of the largest food producers in Lithuania, contain a malicious loader capable of infecting user devices.
The breach was discovered by a cyber threat hunter Darius Povilaitis.
“Several VIČI-owned websites have been hacked. It’s dangerous to visit. It would be best to forget about their existence altogether. And since they pose a great danger – they can attack visitors in various ways – it would probably be healthy to block them immediately. It’s likely that this is just a reflection of larger problems within the VIČI group,” Povilaitis posted on LinkedIn.
The malicious code is recognized by ANY.RUN as a loader for malicious payloads. That means it is capable of infecting victims’ computers, analyzing their system information, and delivering additional payloads, such as trojans, infostealers, or even ransomware.
Criminals usually devise social engineering tricks, such as fake captcha checks, to lure victims into downloading and running their executables.
It’s unclear who was responsible for the cyberattack and how the hackers gained access to the websites. Cybernews contacted the group and is awaiting their response.
UAB Vičiūnų grupė is a major Lithuanian food company that owns the brands VIČI, Esva, Columbus, Rido, Food Luck, and others. The group owns over 60 companies operating in 15 countries and employs over 4,400 people.
The group, controlled by a Lithuanian politician Visvaldas Matijosaitis, was previously found to export sanctioned components to Russia, potentially assisting the invasion of Ukraine.
Lithuania, like many countries neighboring Russia, is constantly facing cyberattacks aimed at disrupting services and reducing trust. In the last few years, Russia-affiliated hackers targeted Lithuanian government websites and the NATO summit.
In November 2024, critical undersea data cables were reportedly severed under the Baltic Sea. Insikt Group reported that Russian sabotage attempts have been ramping up in recent months, “targeting critical infrastructure” in a concerted effort to “destabilize NATO allies and disrupt their support for Ukraine.”
Your email address will not be published. Required fields are markedmarked