It’s interesting, isn’t it? Seems like the cyber criminals keep getting ahead, and even enterprises with dedicated IT security teams are not completely safe. This week we share the recap and a few tangible insights into what recently happened in the cybersecurity world – Mobikwik data breach, hades, and evil corp. Our news aggregator and proprietary threat intelligence platform KNOW shares everything trending in cybersecurity space and helps you understand exactly what you are dealing with for FREE.
MobiKwik suffers data breach – probably one of the largest KYC data leak
MobiKwik, a fintech platform from India has been in the news for suffering a massive data breach. According to cybersecurity researchers, over 3.5 million customer’s data is leaked on the dark web. However, the company denied any breach and shared a statement ensuring safety of company and user data.
According to the updated from independent researchers, sensitive information such as the mobile phone numbers, email, bank account details, credit card numbers, etc. has been leaked. MobiKwik is in denial of the reports, but several security researchers have asserted to over 8.2TB the size of data being leaked on the dark web.
Twitter Reactions to MobiKwik
#1 Internet Freedom
#MobikwikDataLeak
We have written to @IndianCERT asking them to initiate an inquiry over the Mobikwik data breach under Sec. 70B(6) of the IT Act. We lay out 5 steps MobiKwik must take to alleviate the situation. Pls read and RT for public knowledge.
1/nhttps://t.co/MssXWYx1vG— Internet Freedom Foundation (IFF) (@internetfreedom) March 31, 2021
#2 Zack Whittaker
This MobiKwik data breach gets even worse. @refsrc reports that MobiKwik may have known a *month ago* that user data had been taken from its cloud storage. More: https://t.co/OZJxZSqmGv https://t.co/o5ruSOBVgG
— Zack Whittaker (@zackwhittaker) March 30, 2021
#3 Rajshekhar Rajaharia
The Hacker who leaked alleged #MobiKwik 10 Crore Indian Cardholders data, The same hacker now created a search engine for Facebook data leak too. You can Search whether your Facebook data is leaked or not. You can also check at @haveibeenpwned #infosec #MobikwikDataLeak #GDPR pic.twitter.com/kzeV1S5Sn4
— Rajshekhar Rajaharia (@rajaharia) April 6, 2021
The MobiKwik breach – why scary?
As per the latest statement by their Founder, Bipin Preet Singh, MobiKwik will be hiring third party to conduct a forensic data security audit. Potentially 3.5 million customer’s sensitive data in the hands of cyber criminals is definitely scary. Yes, there are strict rules and regulations for consumer data and enterprises do well to abide by these laws, but what about the things that are outside their purview? Is there a way enterprises can ensure that they see an attacker, attack vectors, trending malwares, vulnerabilities, and patterns before being hit by a tragedy? Well, it’s no more scary when it comes to knowing the most trending cybersecurity insights.
KNOW, a threat intelligence platform and cybersecurity news aggregator combined with ASI (attack surface intelligence) from Netenrich, helps organizations to continuously understand the digital exposure, prioritize risks, and remediate issues before being exposed and manipulated by cyber criminals.
Hades: Do you know this Ransomware?
Hades recently surfaced on the news, and our KNOW platform has just the right amount of insights to help you. Our recent post shared details about Hafnium, and gave more context about this threat actor group that mainly targets the Microsoft Exchange Servers. It turns out that Hafnium APT group might just be working under the disguise of Hades.
Why is Hades trending?
Trucking giant Forward Air, fell victim to Hades and ended up losing millions of dollars to this ransomware attack. This ransomware attack resulted in the company losing around $7.5 million in revenue. Hades has also been linked to the Evil Corp, a notorious Russian cybercrime operation. Reporters suggested that the attackers behind Hades target specific industries and operate as a group. Focusing mainly on manufacturing industries, the group attempts to squeeze out $5 – 10 million from the victims.
Hades references from KNOW
Total references: 1000
Last 60 days: 692
Previous 7 days: 73
Twitter reactions to Hades
#1 Catalin Cimpanu
To add to the conversation, I also couldn't verify this research either. I asked two persons about it and neither agreed with the report's assumptions and conclusions.
tl;dr: There are no credible connections between Hafnium and the Hades ransomware gang. https://t.co/Y4YgrmNeWP
— Catalin Cimpanu (@campuscodi) March 30, 2021
#2 MalwareTech
The far more likely story is that the network was infected with the Estonine worm (which isn't Hafnium anyway), was later breached by Hades ransomware (who cleaned up their initial entry), leaving behind Estonine as the only observable potential entry vector.
— Marcus Hutchins (@MalwareTechBlog) March 30, 2021
#3 TechTarget Security
.@CrowdStrike reported Hades #ransomware is tied to Evil Corp, but @AristaNetworks discovered a possible connection to #Hafnium, a Chinese nation-state group behind initial #MSExchange attacks. @TechTargetNews https://t.co/FTZlZRY1D0
— TechTarget Security (@SearchSecurity) March 31, 2021
Evil Corp: Continues to hit exchange servers
Evil Corp was in the news for attacking an insurance giant, CNA. Evil Corp is considered to be one of the worlds largest and a harmful hacking group. The group has successfully stolen millions of dollars from hundreds of bank accounts spread across the globe. Recently, CNA had to temporarily take down its website and shut down the systems due to a novel ransomware attack. According to the company’s statement, this network caused network disruptions and impacted CNA systems and also the corporate mails.
Evil Corp Overview from KNOW
Evil Corp reference from KNOW
Total references: 4000
Last 60 days: 128
Last 7 days: 13
Twitter reactions to Evil Corp
#1 Eamon Javers
My report tonight on how American companies negotiate with – and often pay off – criminal hacker gangs. And check out that video of “Evil Corp” hackers allegedly doing donuts in expensive sports cars on the streets of Moscow: https://t.co/zZSYfD31x3
— Eamon Javers (@EamonJavers) April 7, 2021
#2 Simon
Insurance giant CNA has suffered a ransomware attack using a new variant called Phoenix CryptoLocker that is possibly linked to the Evil Corp hacking group. https://t.co/2rDlkpaCtk
— Simon (@simon__au) March 31, 2021
KNOW the latest cybersecurity news
Almost every tool/software claims to be the best but we all know the reality, the truth is far from speculations. In reality, what works for some may not exactly be needed or useful for others. But what makes KNOW different is the versatility that it adds to aggregating and sharing the most trending cybersec news and insights. Here you will find a complete overview, reference, context, and news to help you constantly stay up-to-date with the latest and critical security insights.
Free Subscription
Do you also feel that attack surface of your organization is growing faster than your security operations team? Limited budgets and increasing skill gaps also limit the extent to which security teams can secure assets within the organization and the ones that lie outside your security’s purview. With the combination of threat and attack surface intelligence, Netenrich helps you to effectively addresses the above and several other issues.
Subscribe To Our Newsletter!
The best source of information for Security, Networks, Cloud, and ITOps best practices. Join us.
Thank you for subscribing!
