Weekly News Roundup

May 9, 2025 | Cybersecurity

By 63SATS Cybertech News Desk

India battles a surge in offline malware, with 2 crore attacks via USBs flagged by Kaspersky. Globally, ransomware, phishing, and political cyberattacks dominate headlines — from Peru denying Rhysida gang claims to Darcula’s PhaaS stealing 884K credit cards. Harrods and a Trump-era secure app fall victim to breaches, while U.S. and China cyber tensions escalate.

India’s cyber agencies thwart Pakistan-backed intrusions; meanwhile, UK lab Synnovis faces scrutiny for delayed patient breach disclosures. The DoD revamps software procurement, and a Magento plugin hack shakes e-commerce. As passkeys gain traction, poor passwords and digital trust gaps remain critical global concerns.

Kaspersky Flags Surge in Offline Malware Attacks in India

Kaspersky detected nearly 2 crore malware attacks in India using USB drives and removable media in 2024. These offline threats bypass internet defenses, exploiting physical device trust. As businesses focus on online security, experts urge stronger endpoint protection and restricted access to removable devices to tackle this growing blind spot in the cyber threat landscape.

Peru Refutes Rhysida Ransomware Claims

Peru denied a ransomware breach by the Rhysida gang despite the gang's claims of a 5-bitcoin ransom and leaked documents. While services remained unaffected, attackers briefly accessed Piura’s tax site. Authorities quickly activated cybersecurity protocols. The government maintains national systems weren’t compromised, emphasizing its rapid response and the resilience of its digital infrastructure.

Darcula PhaaS Linked to Massive Credit Card Theft

Darcula, a phishing-as-a-service platform, enabled the theft of 884,000 credit cards through 13 million malicious SMS clicks. Operating over seven months, the service supported 600 cybercriminals globally. Investigations by European media and Mnemonic uncovered the operation’s scale, highlighting the rise of professional, subscription-based phishing services on the dark web.

Celebrity Scam Ads Harvest User Data

Scam groups Reckless Rabbit and Ruthless Rabbit are stealing user data via fake celebrity-endorsed investment ads on Facebook. Victims are tricked into sharing personal info on spoofed crypto platforms. Researchers revealed the use of Traffic Distribution Systems to mask attacks, with scammers auto-generating passwords to deepen engagement and fraud.

US DoD Launches Security-First Software Overhaul

The U.S. Department of Defense introduced the Software Fast Track (SWFT) initiative to modernize procurement. Led by CIO Katie Arrington, the move prioritizes cybersecurity and supply chain visibility. Criticizing existing outdated systems, the DoD aims for faster, secure software adoption aligned with agile development and national cyber defense goals.

Pakistan Cyber Force Claims Defence Breach

“Pakistan Cyber Force” claims to have hacked Indian defence institutions, including MES and MP-IDSA, and defaced the Armoured Vehicle Nigam Limited site with a Pakistan flag and tank. Indian cybersecurity agencies are actively monitoring for further threats, raising concerns about potential state-sponsored cross-border attacks targeting critical national defence infrastructure.

Harrods Cyberattack Joins UK Retail Breach Spree

Harrods confirmed a cyberattack following similar incidents at Marks & Spencer and Co-op. Hackers attempted to access internal systems, prompting restricted online activity. Despite the breach, Harrods’ stores and online shopping remained functional. The incident raises alarms over increasing cybersecurity threats targeting major UK retail businesses.

Secure App Used by Ex-Trump Adviser Breached

A secure communication app used by former U.S. National Security Adviser Mike Waltz was hacked, exposing sensitive messages. The Department of Homeland Security responded by disabling the app on customs officials’ devices. The breach highlights critical vulnerabilities in encrypted apps and underscores the urgent need for secure-by-design digital tools in government use.

Russian Group Disrupts Romanian Election Websites

Russian hacktivist group NoName057(16) launched DDoS attacks on Romanian government and election-related websites during the presidential vote. Targets included the Ministry of Foreign Affairs and the Constitutional Court. Romania’s DNSC restored services quickly. The attack, timed with elections, underscores cyber threats to democratic processes from politically motivated groups.

Ransomware Attacks Drop in April After Gang Outage

Ransomware incidents dropped to 479 in April 2025 from over 900 in February, largely due to the RansomHub gang experiencing a March 31 outage. Only 39 attacks were confirmed by victims. While the dip offers momentary relief, experts warn the threat remains, urging businesses to maintain robust cyber defenses.

U.S. Warns China: Cyber Retaliation on the Table

At RSA 2025, NSC’s Alexei Bulazel warned China of potential U.S. cyber retaliation for attacks on critical infrastructure. Criticizing previous administrations’ inaction, he declared the Trump administration would respond forcefully: “If you come and do this to us, we’ll punch back.” The warning signals a tougher stance on nation-state cyber aggression.

Weak Passwords Still a Global Threat, Passkeys Gain Momentum

A FIDO Alliance study shows over a third of users suffered breaches due to poor passwords. Passkey adoption is rising, with 69% using them on at least one account. Benefits include better security and convenience. Still, 48% abandon purchases due to forgotten passwords, highlighting the urgent need for better, user-friendly authentication systems.

Supply Chain Attack Hits E-Commerce Giants via Magento Plugins

A major supply chain attack compromised 500–1,000 online stores via 21 tainted Magento plugins. Malware dormant since 2019 was activated in April 2025. PHP backdoors were embedded in plugin license files, affecting even a $40 billion firm. Sansec says the breach likely stemmed from multiple compromised vendors, complicating attribution and cleanup.

Dating App ‘Raw’ Leaks Sensitive User Data

Dating app Raw suffered a major data breach exposing GPS locations, birthdates, and private preferences of users. Launched in 2023, the app emphasizes authenticity through daily selfies but failed to secure sensitive data. The breach endangers user safety, with no clarity yet from the company on how many were affected or how it happened.

India Thwarts Multiple Pakistan-Backed Cyber Intrusions

Indian cybersecurity agencies foiled coordinated cyberattacks by Pakistani groups HOAX1337 and National Cyber Crew, which targeted Army Public School sites in Jammu. The attempted defacements followed a recent terror incident. Real-time interception prevented significant damage, underscoring rising digital hostilities and the need for vigilant, rapid-response cyber defense across critical systems.

UK Lab Breach Leaves Patients Uninformed for Nearly a Year

A ransomware attack on London-based Synnovis in 2024 exposed sensitive NHS patient data, including STI and cancer details. Nearly a year later, many patients still remain uninformed. The Qilin group’s breach affected multiple hospitals, and Synnovis has yet to fully disclose the extent. The lack of transparency raises concerns over accountability and data ethics.