Canadian heavy equipment maker confirms cyber attack by Karakurt

A Canadian manufacturer of blades, buckets and other heavy equipment that is attached to tractors and excavators has acknowledged it suffered a security breach by the Karakurt hacking gang.

However, Lyle Makus, IT manager of Edmonton-based Weldco-Beales Manufacturing, said it isn’t clear if the gang copied any data.

“We have no way to prove or deny that at this point, so we’re trying to assess that,” he said. “We don’t believe they really got any data.”

Asked to describe the incident, he said that “we had a virus and spent a day or two getting all of the data recovered, and have tidied up and got things locked things down as best we can from the virus.”

Asked if the company has heard from the hackers, Makus said, “They leave a trail on the server of files, they are wanting you to get hold of them and send them bitcoin. And they left a couple of voicemails. The voicemails, he said, told the company “to take this seriously, you know how to contact us.”

He couldn’t recall how much was demanded in cryptocurrency.

Makus doubted the company will pay a ransom. “If you pay for these kinds of things all we’re doing is encouraging them. We don’t believe they would have got much for [our] data.”

Weldco-Beales specializes in making attachments for heavy equipment in the construction, road maintenance, forestry and resource sectors. In addition to Edmonton, it has manufacturing plants in Ontario and British Columbia, and regional sales offices in the U.S..

The company was one of 11 Canadian and U.S. organizations the Karakurt gang alleges it compromised in a December 29th posting. One is Montreal’s tourism agency.

They also include a Quebec construction firm, a Quebec-based bathroom designer, a Canadian First Nation, a Western Canadian data management firm. is attempting to verify those claims. Alleged victims in the U.S. include a credit union, a human resources firm, an asphalt manufacturer and a digital media company.

According to Accenture, Karakurt steals data and promises to release or sell it unless paid. It claims to have hit over 40 victims across multiple industries between September and November alone.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@]

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now