Incidentally, the FBI and CISA have released a joint advisory on the Ransomhub Ransomware variant, calling it a formidable service model attracting high-profile affiliates from other prominent variants such as LockBit and ALPHV.

“Since its inception in February 2024, RansomHub has encrypted and exfiltrated data from at least 210 victims representing the water and wastewater, information technology, government services and facilities, healthcare and public health, emergency services, food and agriculture, financial services, commercial facilities, critical manufacturing, transportation, and communications critical infrastructure sectors,” CISA added in the advisory.

Halliburton sent into shutdown

The cyberattack had pushed Halliburton to shut down a few of its systems while it investigated the incident, according to the company’s SEC filing. Generating invoices and purchasing orders was temporarily affected but a workaround has since been made available, according to the email.