MSP cybersecurity news digest, April 5, 2024

Indian manufacturing company Polycab was a victim of a LockBit ransomware attack

Polycab manufactures and sells wires, cables and fast-moving electrical goods (FMEG) under the ‘POLYCAB’ brand. Its unpatched infrastructure allowed the LockBit ransomware gang to compromise it and steal various financial documents. The compromise was announced on March 22.

According to Acronis threat intelligence data, India is heavily targeted, with 29.8% of users experiencing at least one malware detection during the month and 28.8% trying to visit a malicious URL at least once.

Luxury Singapore hotel group Comohotels suffered a ransomware attack

Comohotels are a worldwide, multi-award-winning, family-owned group of luxury hotels and resorts located in inspiring destinations. Apparently, the bad guys from REDRansomware like them as well — enough to announce that they compromised them on March 28. They exfiltrated invoices, receipts, accounting documents, personal data, certificates, employment contracts and huge amounts of other confidential information.

During March in Singapore, we saw 29.6% of users experiencing at least one malware detection and 16.9% trying to visit a malicious URL at least once.

Korean manufacturer Samhwa Paint Industrial Co., Ltd. lost its data

Samhwa Paint Industrial Co., Ltd. is a Korea-based company engaged in the manufacturing of paint.

It was compromised by 8base, most likely via spear-phishing, malicious scripts, and RDP access using stolen credentials. The hack was confirmed on April 3. Cybercriminals stole invoices, receipts, accounting documents, personal data, certificates, employment contracts, personal files and other data. You need to be very careful on the internet and well-protected in South Korea because, according to Acronis threat intelligence, 44.4% of users experienced at least one malware detection during March and 24% tried to visit a malicious URL at least once.

Indonesia’s PT Bank Pembangunan Daerah Banten Tbk was another big win for the Medusa ransomware gang

PT Bank Pembangunan Daerah Banten Tbk was founded in 1992. It is currently owned by the Banten Provincial Government and has the status of a regional development bank in Indonesia. The Medusa ransomware gang claimed it as a victim on March 27. The leaked data totaled 108.47 GB and included all customer financial information in SQL databases.

During March in Indonesia, we saw 17.6% of users experiencing at least one malware detection and 21.7% trying to visit a malicious URL at least once.

Philippines luxury resort Okada Manila was hacked by the alphv ransomware gang

Okada Manila is a Tiger Resort Leisure & Entertainment, Inc. (TRLEI) development, including a hotel, casino and other properties. It was compromised by the alphv gang, and the compromise was confirmed on December 29, 2023. That happened, as is often the case, with the help of spear phishing, malicious scripts and RDP access via stolen credentials.

During March in the Philippines, we saw 23% of users experiencing at least one malware detection and 23.3% trying to visit a malicious URL at least once.

In Malaysia, agriculture supplier FGV Holdings Berhad was hit by Qilin ransomware

FGV Holdings Berhad is a Malaysia-based global agribusiness and food company. It is an affiliate of the Federal Land Development Authority. With operations worldwide, FGV produces oil palm and rubber products, oleochemicals and sugar products.

The Qilin ransomware group announced on March 13 that it had stolen private contracts, agreements, all financial documentation, projects, email correspondence and much more from FGV Holdings Berhad, and demanded a ransom to keep this data private.

Acronis threat intelligence indicates that during March in Malaysia, 21.5% of users experienced at least one malware detection and 21.2% tried to visit a malicious URL at least once.