The extent of the cyber incident is still being determined, but external experts have been engaged to investigate, raising concerns about a potential data breach and exposure of sensitive financial information.
The company is working to restore its operations and has notified regulatory authorities. Despite the disruption, the company is still able to close loans and accept payments.
Multiple financially motivated hacking groups have been observed using the App Installer service as an entry point for ransomware attacks, leveraging signed malicious MSIX app packages distributed via Microsoft Teams and malicious search engine ads.
Experts caution that the decision to pay or not pay depends on various factors, including the type of data compromised, the availability of backups, the financial impact on the organization, and the sector in which the company operates.
The August data breach at Kroll exposed personal information of FTX bankruptcy claimants, including coin holdings and balances, making them potential targets for threat actors in the cryptocurrency market.
The malware is sold as a service and can be obtained through malvertising, fake browser updates, and cracked software installations. It has also been found spreading through Discord’s content delivery network.
The National Insurance Board in Trinidad and Tobago has been hit by a ransomware attack, leading to the closure of its offices and limiting its operations for an extended period.
The attack occurred on December 24, 2023, and caused severe disruptions to the hospitals’ IT systems. Investigations are underway to determine the extent of the damage and whether any data was stolen.
The Albanian parliament and a telecom company were targeted by cyberattacks originating from outside Albania. The attacks, which attempted to interfere with infrastructure and delete data, have not been attributed to a specific threat actor.
The newly surfaced DragonForce ransomware gang has claimed responsibility for the attack, stating that they have encrypted devices and stolen data, including personal information of Ohio Lottery customers and employees.