In a significant cyberattack incident within the financial sector, the notorious ransomware group, ALPHV, also known as BlackCat, has claimed responsibility for a targeted attack and data breach on Bangladesh Krishi Bank.
On June 21st, 2023, the hackers successfully breached the bank’s security, infiltrating its network and exfiltrating over 170GB of sensitive data. Employing sophisticated encryption techniques, they rendered the bank’s servers and stored information inaccessible.
The cybercriminals remained undetected within the bank’s network for 12 days, allowing ample time to study internal documentation and steal every piece of valuable information.
The ALPHV ransomware group has disclosed the nature of the data they successfully stole from Bangladesh Krishi Bank during their cyberattack.
The compromised information encompasses a wide array of sensitive data, including crucial financial records such as account details, statements, and tax information. Furthermore, the hackers obtained personal data including employee data, emails, passport copies, labour papers, and employment contracts, potentially exposing the personal information of the bank’s staff. The threat group added that they acquired the bank’s SQL backup on June 19th, 2023.
The targeted bank refused negotiations for data recovery, prompting the ransomware group to issue a warning. The group cautioned all contributors and investors who entrusted their funds to Bangladesh Krishi Bank to withdraw their investments within seven days of when the warning message was dispatched to the contacts and emails procured from the stolen data.
ALPHV issued a deadline of 72 hours, commencing from July 8th, 2023, within which the bank’s top management was expected to initiate contact to address the situation.
In their post, ALPHV stated that they have implanted potent backdoor tools deep within the network infrastructure of Bangladesh Krishi Bank. According to the group, this gives them persistent access to the network and lets them return at will to carry out further malicious activity.
The threat group also openly criticised the bank’s IT management, asserting they lack the qualifications and skills to protect the institution’s valuable data adequately.
The cyberattack orchestrated by the ALPHV ransomware group against Bangladesh Krishi Bank has left a trail of significant repercussions within the financial sector. The aftermath of this attack serves as a stark reminder for organisations to fortify their defences and stay ahead in the ever-evolving landscape of cyber threats.