Conti gang hits KP Snacks with a crippling ransomware attack

The ransomware attack affected the supply chain and disrupted deliveries to leading supermarkets in the United Kingdom.


A cyberattack carried out by the infamous Conti ransomware gang has hit the prominent German-owned British snack food manufacturer KP Snacks, the company has confirmed.

The ransomware attack took place on Friday, January 28th. Conti ransomware operators stole the company’s data, and the attack affected the supply chain and disrupted deliveries to leading supermarkets across the country.

It is worth noting that KP Snacks is home to some of Britain’s most popular crisp brands, including Hula Hoops, Tyrell’s, McCoy’s, Skips, and Parsnip. The full list of the company’s brands is available on its Wikipedia page.

Like other ransomware gangs, the Conti gang’s modus operandi involves blocking victims’ access to computer systems in exchange for a ransom payment.

Conti, which is itself malicious software, vets for valuable targets, spreads the infection, and encrypts all accessible computer systems on a network.

On Friday, 28 January we became aware that we were unfortunate victims of a ransomware incident. As soon as we became aware of the incident, we enacted our cybersecurity response plan and engaged a leading forensic information technology firm and legal counsel to assist us in our investigation.

Our internal IT teams continue to work with third-party experts to assess the situation. We have been continuing to keep our colleagues, customers, and suppliers informed of any developments and apologize for any disruption this may have caused.

KP Snacks

Prior to KP Snacks’ confirmation, a deep web intelligence feed going by the Twitter handle of DarkFeed (@ido_cohen2) revealed on Tuesday, February 1st that the Conti ransomware gang “encrypted the company’s network (referring to KP Snacks) and stole a lot of data.”


For now, it is unclear how much ransom was demanded by Conti ransomware or whether KP Snacks is willing to abide by the group’s demands. It is, however, confirmed that the company has warned retailers of delivery delays.

In a conversation with Hackread.com, Neil Jones, cybersecurity specialist at cloud content governance platform Egnyte, warned companies of devastating ransomware attacks in the absence of proper security measures.

“The KP Snacks ransomware attack demonstrates that your organization needs to make cybersecurity a Boardroom priority if you haven’t done so already,” Neil said. “While advocating support from your executive team, you need to implement proactive data hygiene and protective behaviors, such as patching your CVEs and hardening your databases now. It could be a real lifesaver.”

About the Conti ransomware gang

The Conti ransomware group is known for high-profile cyberattacks and runs a private Ransomware-as-a-Service (RaaS). The group was first identified in the latter half of December 2019 using TrickBot to drop its payload.

According to cybersecurity experts, Conti operators are associated with a Russian cybercrime gang called Wizard Spider. The gang’s modus operandi involves launching attacks, stealing data, and demanding ransom. If the ransom is not paid, the gang leaks the stolen data.

According to the gang, they have so far compromised 500 organizations globally. Some of its recent victims include the Bank of Indonesia, the Fourth District Court of Louisiana, and Shutterfly.

Steve Moore, chief security strategist at Exabeam, also commented on the ransomware attack on KP Snacks. Steve warned that these attacks will only increase in the coming days or months due to ever-developing methods used by ransomware gangs to identify and target their victims.

“These groups keep getting away with these intrusions because they are experts at compromising credentials,” Steve said. “They utilize Mimikatz, Kerberoast to attack Kerberos, and even check for saved passwords in domain group policy files. Interestingly, they will specifically search for security policy and cyber insurance documents – showing that context matters even to the adversary!”

Hackread.com is keeping an eye on the situation. If the Conti ransomware gang decides to leak the stolen KP Snacks data, this article will be updated accordingly.
