Global Cyber Pulse, 13 Jan 2025

January 13, 2025 | Cybersecurity
By Ashwani Mishra, Editor-Technology, 63SATS

A cyberattack forced Mumbai’s NCLT to suspend virtual hearings after explicit content was broadcast, exposing vulnerabilities in India’s judicial infrastructure. Meanwhile, Spanish telecom giant Telefónica suffered a breach in its ticketing system, raising concerns about enterprise security. Slovakia’s land registry system was disrupted by a large-scale cyberattack, with suspicions linking it to geopolitical tensions with Ukraine.

Microsoft is tackling a hacking-as-a-service group exploiting AI systems to generate harmful content. Researchers also uncovered FunkSec, an AI-driven ransomware group targeting victims globally with double extortion tactics. Lastly, Apple iMessage users fell victim to phishing scams, bypassing built-in protections, emphasizing the growing need for robust cybersecurity measures across critical systems and platforms.

NCLT Mumbai Halts Virtual Hearings After Cyberattack

The National Company Law Tribunal (NCLT) in Mumbai suspended virtual hearings following a cyberattack on its system in December.

According to livemint, hackers disrupted proceedings by broadcasting explicit content, exposing vulnerabilities in India’s judicial digital infrastructure. Legal experts have emphasized the urgent need to strengthen cybersecurity to ensure uninterrupted access to justice. Police registered a case on December 19 and are tracing the attackers via IP addresses under the Information Technology Act. The disruption forced a switch to physical hearings, causing delays and inconveniencing litigants and lawyers.

TelefĂłnica Confirms Data Breach in Ticketing System

Spanish telecom giant TelefĂłnica confirmed a breach in its internal ticketing system after stolen data surfaced on a hacking forum. Hackers, using aliases like DNA and Pryx, leaked data from TelefĂłnica’s Jira database.

The company stated it has taken immediate steps to block unauthorized access and is investigating the incident. Telefónica, operating across 12 countries, is Spain’s largest telecom provider under its Movistar brand. This breach raises serious concerns about the security of internal enterprise systems, highlighting the need for robust cybersecurity practices.

Massive Cyberattack Targets Slovakia’s Land Registry System

A cyberattack originating outside Slovakia disrupted the Office of Geodesy, Cartography, and Cadastre (UGKK), which manages land and property records. The Slovak Interior Ministry confirmed the attack, leading to system shutdowns and limited operations from January 9.

Politicians, including Agriculture Minister Richard Takáč, suspect Ukraine’s involvement, tying it to recent gas disputes. While politicized, cybersecurity expert Pavlina Pavlova stressed that restoring systems is the priority. The attack underscores vulnerabilities in critical national infrastructure amid geopolitical tensions.

Microsoft Battles Hacking-as-a-Service Targeting AI Platforms

Microsoft is pursuing legal action against a foreign hacking group operating a “hacking-as-a-service” scheme. The group exploited public customer credentials to bypass safety controls in AI platforms like Azure OpenAI Service, generating harmful content. The threat actors monetized access by selling tools to other cybercriminals, providing instructions for misuse.

Microsoft discovered the breach in July 2024 and has since revoked access, strengthened safeguards, and seized the group’s website, “aitism[.]net.” This case highlights the growing risk of AI exploitation in cybercrime.

FunkSec: AI-Driven Ransomware Targets Global Victims

Cybersecurity researchers have uncovered FunkSec, a new AI-assisted ransomware group that emerged in late 2024, targeting over 85 victims globally. FunkSec employs double extortion tactics, demanding low ransoms—sometimes as little as $10,000—and selling stolen data to third parties.

The group operates under a ransomware-as-a-service (RaaS) model, using a custom Distributed Denial of Service (DDoS) tool. Victims span the U.S., India, Italy, and Brazil. Check Point Research suspects novice actors seeking notoriety by repurposing leaked data from previous cyber incidents.

Phishing Scam Exploits Apple iMessage Users

Cybercriminals are bypassing Apple iMessage’s phishing protection by tricking users into disabling safeguards. Apple automatically blocks links from unknown senders to protect users from smishing (SMS phishing) attacks.

However, if users reply to these messages or add the sender to their contacts, the protection is disabled, reactivating harmful links. With mobile devices central to daily life, this scam highlights the need for vigilance and stricter protective measures to counter evolving phishing tactics targeting iMessage users.