InfoSecBulletin Cybersecurity for mankind
The LockBit 3.0 ransomware group on Monday leaked 600 gigabytes of critical data stolen from Indian lender Fullerton India, two weeks after the group demanded a $3 million ransom from the company.
Fullerton India said on April 24 that it had suffered a malware attack that forced it to temporarily operate offline as a precaution. The company said it had resumed customer services and worked with global cybersecurity experts to make its security environment more resilient.
B1ack’s Stash Releases 1 Million Credit Cards on a Deep Web Forum
Cisco Confirms
Salt Typhoon Exploited CVE-2018-0171 to Target U.S. Telecom Networks
AWS Key Hunter
Test this free automated tool to hunt for exposed AWS secrets
Check Point Flaw Used to Deploy ShadowPad and Ransomware
CVE-2024-12284
Citrix Issues Security Update for NetScaler Console
CISA and FBI ALERT
Ghost ransomware to breach organizations in 70 countries
Hacker chains multiple vulns to attack Palo Alto Firewall
150 Gov.t Portal affected
Black-Hat SEO Poisoning Indian “.gov.in, .ac.in” domain
CVE-2018-19410 Exposes 600 PRTG Instances in Bangladesh
Builder claims Rs 150 cr for data loss; AWS faces FIR In Bengaluru
The ransomware group soon listed Fullerton India as a victim on its data leak site, stating it had stolen more than 600 gigabytes of “loan agreements with individuals and legal companies.”
The group set a deadline of April 29 for the company to pay the ransom to keep the group from publishing the stolen data. The group also gave the company the option to pay $1,000 to extend the deadline by 24 hours.
Fullerton India operates 699 branches across India that offer doorstep credit services to around 2.1 million customers. The company in 2022 had more than $2.5 billion worth of assets under management and employed over 13,000 people.
Ritesh Bhatia, noted cybercrime researcher and the founder of V4WEB Cybersecurity, shared evidence with Information Security Media Group about the LockBit group releasing documents related to Fullerton India on the dark web. He said the data leak occurred as a result of Fullerton India refusing to engage with the ransomware group, leading to the group initiating triple-extortion tactics to force the company to pay.
While double extortion involves ransomware actors encrypting a victim’s data and exfiltrating it to place additional pressure on the victim to pay, a triple-extortion tactic involves hackers contacting the victim’s clients, business partners, vendors and customers to make the breach public and force the victim to come to the negotiating table.
(Source: bank info security)
