By Ashwani Mishra, Editor-Technology, 63SATS
Electrica Group is investigating an ongoing ransomware attack affecting millions, as Moody’s warns of rising ransomware threats exploiting supply chain vulnerabilities. Meanwhile, a sophisticated mobile phishing campaign is spreading the updated Antidot Banker Trojan, and Highgate Hotels has issued data breach notifications after a cyberattack exposed sensitive consumer information.
Electrica Group Investigates Ransomware Attack Impacting Millions
Electrica Group, a cornerstone of Romania’s electricity distribution and supply market, is battling a ransomware attack that remains active. Serving over 3.8 million users, the company ensures electricity distribution across Transilvania and Muntenia. Founded in 1998 as a division of CONEL and established as an independent entity in 2000, Electrica is dual-listed on the Bucharest and London stock exchanges. The attack highlights growing concerns about the security of critical infrastructure providers and the need for greater investment in cybersecurity for essential services.
Moody’s: Ransomware Targets Larger Organizations Through Supply Chains
Ransomware attacks are set to escalate, with hackers increasingly exploiting supply chain vulnerabilities to infiltrate high-value organizations, according to Moody’s. This strategy aims for larger payouts by leveraging weaknesses in third-party suppliers, significantly raising the credit risk for a growing number of companies. Moody’s also predicts this trend will push organizations toward greater adoption of cybersecurity measures and heightened law enforcement oversight. As fewer victims agree to pay ransoms—dropping from 85% in 2019 to 28% in 2024—cybercriminals are shifting their focus to larger targets capable of affording higher payouts.
Mobile Phishing Campaign Spreads New Variant of Antidot Banker Trojan
Cybersecurity researchers have uncovered a mobile phishing campaign designed to distribute a new version of the Antidot banking trojan. The attackers pose as recruiters, tricking victims into downloading a malicious application disguised as part of a fraudulent hiring process. This malware, named AppLite Banker, can steal unlock patterns, passwords, and PINs, and remotely control infected devices. Such advanced features, similar to those seen in the TrickMo malware, underline the growing sophistication of mobile cyber threats. Experts urge vigilance when downloading apps, especially from unverified sources, to avoid falling prey to such scams.
Highgate Hotels Data Breach Exposes Sensitive Consumer Information
Highgate Hotels has disclosed a data breach that compromised sensitive consumer and employee information, including Social Security numbers, driver’s license details, and health insurance information. The breach occurred between March 25 and 26, 2024, and affected company systems and employee email accounts. Highgate began notifying impacted individuals on December 6, 2024, offering guidance on safeguarding against fraud and identity theft. The breach underscores the importance of robust cybersecurity practices and timely communication to affected parties. Victims are advised to monitor their accounts closely and consider legal consultation to explore their options for redress.