Another victim has been added to the Medusa ransomware gang’s list after our researchers at iZOOlogic saw a famous African bank receive a threat on the group’s leak site.
As with some of the other victimised organisations listed on the Medusa ransomware group’s leak site, the page claiming the African bank as a target carries a countdown timer. This time, the deadline that the financial institution received from the gang was four days and a couple of hours.
Based on our research team’s assessment, this countdown timer indicates that the threat group will leak the victim’s allegedly stolen data or sell it to other threat actors if the victim refuses to pay the ransom demands.
The victimised African bank could be a giant financial institution holding the critical data of millions of people.
As observed, the Medusa gang listed the data it says it collected in the alleged hack on the financial institution. The data listed are credit risk analysis, loan notifications, certificates of non-indebtedness, certificates of non-bankruptcy, and summary reports of identified risks.
It is unknown whether customers’ information is included in the stolen data, but anyone who might hold a bank account with any financial institution across Africa is warned to be vigilant against cyberattack threats.
The threat group has also not mentioned the ransom amount it is demanding from the targeted African bank.
According to separate studies, South Africa has recorded a concerning increase in cybercrime incidents, particularly targeting its banking industry. Some risks feared by security analysts include corporate emails being exposed to phishing attempts, malware-as-a-service, and ransomware attacks.
Meanwhile, in April last year, researchers detected a series of cyberattacks across West Africa, with threat actors leveraging phishing emails and HTML smuggling tactics to deploy malware on targeted networks.
Given these cybercrime threats facing the banking sector in African regions, security researchers recommend that establishments maintain wide visibility over their critical networks so they can isolate or block malicious attempts from unauthorised entities.