KNP Logistics Group (formerly Knights of Old) hit by ransomware attack
Incident
Summary
Hide ▲
Show ▼
The KNP Logistics Group suffered a ransomware intrusion in June 2025 that shut down transport operations, destroyed recovery options, and pushed the company into administration. Attackers reportedly entered through a weak employee password on internet-facing systems that lacked MFA. The disruption left 700 employees out of work and showed how a single credential failure can trigger a full business collapse.
Related Happenings
North American cryptocurrency company hit by network compromise
Incident
First: 28.04.2026 11:00
Last: 28.04.2026 11:00
Sources 1
About this happening:
A **North American cryptocurrency company** suffered a **multi-stage intrusion** that began on **January 23, 2026**, and the attackers kept access for **66 days**. The foothold ca...
North American cryptocurrency company hit by network compromise
IncidentAbout this happening: A **North American cryptocurrency company** suffered a **multi-stage intrusion** that began on **January 23, 2026**, and the attackers kept access for **66 days**. The foothold ca...
BlackFile vishing extortion campaign targeting retail and hospitality organizations
Campaign
First: 24.04.2026 21:26
Last: 24.04.2026 21:26
Sources 1
About this happening:
The **BlackFile** campaign is driving **vishing-based data theft and extortion** against **retail and hospitality organizations**, putting employee credentials and enterprise data...
BlackFile vishing extortion campaign targeting retail and hospitality organizations
CampaignAbout this happening: The **BlackFile** campaign is driving **vishing-based data theft and extortion** against **retail and hospitality organizations**, putting employee credentials and enterprise data...
Scattered Spider SMS phishing and SIM-swap crypto theft campaign
Campaign
First: 20.04.2026 16:33
Last: 20.04.2026 16:33
Sources 1
About this happening:
The **Scattered Spider** campaign used **SMS phishing** and **SIM swap** attacks to steal employee credentials, hijack phone numbers, and take over email and **virtual currency wa...
Scattered Spider SMS phishing and SIM-swap crypto theft campaign
CampaignAbout this happening: The **Scattered Spider** campaign used **SMS phishing** and **SIM swap** attacks to steal employee credentials, hijack phone numbers, and take over email and **virtual currency wa...
Akira group rapid double-extortion ransomware activity
Malware Activity
First: 02.04.2026 16:00
Last: 02.04.2026 16:00
Sources 1
About this happening:
**Akira** ransomware activity now includes **AdaptixC2** abuse in active intrusions, alongside the group’s **under-one-hour** to **under-four-hours** attack cadence. A **Silent Pu...
Akira group rapid double-extortion ransomware activity
Malware ActivityAbout this happening: **Akira** ransomware activity now includes **AdaptixC2** abuse in active intrusions, alongside the group’s **under-one-hour** to **under-four-hours** attack cadence. A **Silent Pu...
Pay2Key ransomware campaign accelerated by US-Iran tensions
Campaign
First: 26.03.2026 12:45
Last: 26.03.2026 12:45
Sources 1
About this happening:
Pay2Key's ransomware operation appears to have accelerated amid **recent US-Iran tensions**, indicating an active campaign with broader victimization risk. The group has been acti...
Pay2Key ransomware campaign accelerated by US-Iran tensions
CampaignAbout this happening: Pay2Key's ransomware operation appears to have accelerated amid **recent US-Iran tensions**, indicating an active campaign with broader victimization risk. The group has been acti...
Timeline
-
24.09.2025 14:58 2 articles · 8mo ago
KNP Logistics Group (formerly Knights of Old) hit by ransomware attack
Initial DisclosureAttackers first gained access by guessing a weak employee password on KNP's **internet-facing systems**. That initial foothold bypassed the lack of **MFA** and opened the way for the ransomware intrusion.
Show sources
- How One Bad Password Ended a 158-Year-Old Business — thehackernews.com — 24.09.2025 14:58
- How One Bad Password Ended a 158-Year-Old Business — thehackernews.com — 24.09.2025 14:58