Trove of port agency’s data stolen, hackers claim


S5 Agency World, a major port agency, has allegedly been victimized by a ransomware gang. The attackers claim to have taken nearly 140 gigabytes of data.

The company’s name was posted on a dark web leak site that ransomware gangs use to showcase their latest victims. Cybercrime gangs use this tactic to pressure victims into paying the ransom over fears of data being leaked to the public.

S5 is a maritime transportation firm with a presence in over 360 ports worldwide. The London-headquartered company acts as a local representative for shipping companies when their vessels visit certain ports.


The attackers posted several screenshots from the supposedly stolen details to add credence to their claim. The Cybernews research team investigated the data samples, noting that the data appears legitimate.

The included data samples reveal inspection reports, employee vaccinations against COVID-19, some passport copies, internal company documents, and other data. However, the data sample is very limited, and the total volume of documents taken could be larger.

Companies crucial to maritime transportation are among the most prized hacker targets. For one, cyberattack-related downtime is not an option for many of these organizations, as shipping delays can form supply chain bottlenecks and negatively impact clients.

S5 Agency data breach
Attackers' post on the dark web. Image by Cybernews.

Bert ransomware is a new player on the block, first observed in April 2025. The gang is one of a myriad of new ransomware cartels that recently joined the cybercrime underworld.

According to data from Cybernews’ dark web surveillance tool, Ransomlooker, the number of active ransomware gangs spiked to 65 groups in the first quarter of 2025. Meanwhile, Bert ransomware managed to victimize a dozen organizations over its short lifespan.

Researchers note that the gang delivers malware via legitimate software supply chains, often targeting healthcare and tech sectors. For example, CYFIRMA experts believe the gang can evolve into a larger threat as it appears to adapt well to the current cybercrime landscape.
