By Ashwani Mishra, Editor-Technology, 63SATS
Governments and organizations worldwide are grappling with escalating cyber threats. India blocked over 7.8 lakh SIMs and 2 lakh IMEIs tied to digital fraud, while Malaysia Airports faced a $10M ransomware attack. A Chinese state-backed group covertly infiltrated an Asian telecom firm for four years. In the U.S., NYU suffered a massive breach exposing over 1 million student records.
Meanwhile, hackers are exploiting the Atlantis AIO tool for large-scale credential stuffing, and crypto platform Abracadabra Finance lost $13M in a targeted heist. These incidents highlight the urgent need for stronger global cybersecurity defenses across sectors.
India Blocks Over 7.8 Lakh SIMs, 2 Lakh IMEIs Linked to Digital Frauds
The Indian government has blocked over 7.81 lakh SIM cards and 2,08,469 mobile IMEIs flagged by police for links to cyber fraud, according to Union Minister Bandi Sanjay Kumar’s response in the Lok Sabha. The crackdown, led by the Indian Cybercrime Coordination Centre (I4C), also resulted in the disabling of 3,962 Skype IDs and 83,668 WhatsApp accounts used for “digital arrest” scams.
The IMEI is a unique identifier for mobile devices. This large-scale action highlights ongoing efforts to dismantle cybercrime networks exploiting telecom infrastructure for fraudulent activities across the country.
Malaysia Airport Cyberattack: $10M Ransom Demanded by Hackers
Malaysia Airports Holdings Berhad (MAHB) suffered a cyberattack in late March 2025, disrupting operations and leading to a $10 million ransom demand. Prime Minister Anwar Ibrahim confirmed the incident during a national address, stating that the breach had occurred just days earlier. Despite the ransom threat, the government is standing firm and refusing to comply.
PM Anwar emphasized plans to invest further in national cybersecurity to fortify digital infrastructure. While the extent of data compromise remains unclear, the event underscores growing threats targeting critical infrastructure in Southeast Asia.
Chinese Hackers Spent 4 Years Inside Asian Telecom Network
A top Asian telecom firm was infiltrated by a Chinese state-backed hacking group dubbed Weaver Ant, according to Sygnia. The hackers maintained undetected access for over four years using stealthy tools like web shells and tunneling. By exploiting a misconfigured public-facing application, the attackers initiated long-term espionage, targeting sensitive telecom data.
Sygnia’s Oren Biderman described the operation as highly persistent and strategic. Though the company name remains undisclosed, the attack reflects escalating cyber-espionage campaigns targeting critical infrastructure across the region, especially within telecommunications.
Hacker Leaks Data of Over 1 Million NYU Students in Major Breach
A hacker defaced NYU’s website, leaking personal data of over 1 million students and applicants. The attacker replaced the homepage with datasets, some allegedly anonymized, containing names, emails, addresses, GPAs, and more. Cybersecurity expert Zack Ganot confirmed many records were improperly redacted, exposing sensitive student information dating back to 1989.
The breach included admissions and financial data, categorized by race and test scores. The leaked datasets were indexed on DataBreach.com for impacted individuals to check. NYU has yet to issue a detailed response as investigations unfold.
Atlantis AIO Tool Drives Credential Stuffing Surge Across 140+ Platforms
Cybercriminals are increasingly using Atlantis AIO, an advanced credential stuffing tool targeting over 140 online services. The software automates login attempts using stolen credentials, exploiting users who reuse passwords across multiple platforms. Credential stuffing enables mass account takeovers, leading to data breaches, financial loss, and reputational damage.
With rapid, systematic testing of credentials, Atlantis AIO represents a growing threat to online security. Experts urge users to adopt strong, unique passwords and enable multi-factor authentication to reduce vulnerability to such automated attacks.
Abracadabra Finance Loses $13M in Crypto Breach via “Cauldrons”
Crypto lending platform Abracadabra Finance lost nearly $13 million in a major cyber heist linked to its “cauldrons” product—isolated lending pools. The exploit, executed through multiple transactions, bypassed existing security systems despite prior audits by Guardian.
Abracadabra confirmed the incident on social media and is working with security partners, including Chainalysis, to investigate and track stolen funds. While the full scope of damage is still being assessed, the breach underscores ongoing vulnerabilities in decentralized finance (DeFi) systems and the need for more proactive threat detection.