Housing Finance company Indiabulls was hit by CLOP ransomware and screenshots of the stolen data were posted online.
Housing Finance company Indiabulls was hit by CLOP ransomware and screenshots of the stolen data were posted online.
The Indiabulls Group is India’s second-largest housing finance company is a mortgage lender, headquartered in New Delhi, India with $3.5 billion in revenue (2019), over 19,000 employees.
The Cyble research team discovered the data leak while scanning fraudulent activities in the deep and dark web.
The data leak contains snapshots of highly sensitive bank-related documents such as transaction details, vouchers, letters sent to bank managers and much more.
The bad actors have leaked the data as a warning to Indiabulls group to accept their term within 24 hours otherwise, the operators tend to leak a large lot of the company’s confidential data.
It is unclear how much ransomware CLOP demands or when the attack occurred.
The cyber intelligence firm said that a gateway of Indiabulls had a technical vulnerability but it could not verify whether the breach in Indiabulls system had taken place due to the same vulnerability
“According to Cyber Intelligence firm Bad Packets, hackers allegedly exploited the CVE-2019-19781 vulnerability in the Citrix Netscaler ADC VPN Gateway exposed by Indiabulls,” stated security affairs.
The CVE-2019-19781 vulnerability affects Citrix Application Delivery Controller (ADC), Citrix Gateway and Citrix SD-WAN WANOP appliances.
CLOP Threat Actors
CLOP threat actors are known to steal unencrypted files before deploying the ransomware and the leaked files are then posted on their ‘CLoP^_- LEAKS’ data leak site. Later they threaten the victim that more data will be leaked if the ransom demand is not paid.
The CLOP Ransomware operators have conducted an attack in March against U.S pharmaceutical company ExecuPharm where they stole 163 GB of encrypted files and later leaked it all on their data leak site after not being paid.
For the latest cyber threats and the latest hacking news please follow us on Facebook, Linkedin, and Twitter.
You may be interested in reading: Private Zoom Video Recordings Exposed Online