LockBit ransomware group claims cyber attacks on two Kerala-based companies

Other companies on their list are Hyderabad-based pharma company Hetero and automobile parts manufacturer Vikrant Group from Vadodara.
Image used for representational purposes only
Image used for representational purposes only
Updated on
2 min read

KOCHI: The dreaded Russian ransomware LockBit has claimed that it has successfully hacked into the computer systems of two Kerala-based companies. LockBit ransomware on its dark web portal declared that it has hit four Indian companies, including Thrissur-based Double Horse, which is into food production, and garment production company V-Star based in Ernakulam.

Other companies on their list are Hyderabad-based pharma company Hetero and automobile parts manufacturer Vikrant Group from Vadodara.

As part of its claim, there are pictures of bank account details, invoices, purchase orders, supply details, content on computer drives and driving licences of employees posted on its dark web portal. Prima facie, from the shared pictures, it seems that LockBit ransomware has hit the individual computers or laptops of employees.

LockBit penetrates computers linked to various companies and locks the system demanding a ransom. In case the ransom is not paid, they lock the computer system permanently and dump the accessed data into the dark web.

IT officials of V-Star said they came to know about a cyber attack recently. “There was a cyber attack on our attendance system. We are rectifying it now. But our operations are unaffected as we follow a cloud-based system,” a V-Star official said.

Double Horse is yet to respond to the incident. While there is no information about the amount demanded, the hackers have given May 15 as the deadline for paying the ransom.

The information about the data breach was shared by a private cyber security firm Falconfeeds.io on its social media handles on Saturday. Nandakishore Harikumar, CEO of Falconfeeds.io said the gravity of the data breach is not yet known.

“We don’t know whether the data breach has in any way affected these companies. However, sometimes, this ransomware gets access to sensitive information about the companies. Though there are guidelines from the Centre to inform the Indian Computer Emergency Response Team in case of data breaches, many companies do not know about them. Some do not even report it to the police,” he said.

LockBit was responsible for around 20% of ransomware attacks last year, targeting several international firms like Royal Mail, UK’s National Health Service, Boeing and numerous international banks. In February this year, the US Federal Bureau of Investigation (FBI), along with other international law enforcement agencies, disrupted the operations of LockBit by taking down its dark web operations. However, LockBit revived with the 3.0 version (LockBit Black) recently and intensified its cyber-attacks across the globe.

Last week, the US announced a $10 million bounty on Russian national Dimitry Yuryevich Khoroshev who is the developer and administrator of LockBit ransomware.

According to reports, 22 companies from India were targeted by LockBit ransomware last year.

“LockBit is one of the most notorious ransomware operational now. They hack into the systems of around 20 companies a day and put their names on their dark web portal. LockBit combines with other hackers and operates as an organised group. They make use of vulnerabilities in computer systems and hack them. Last year, they claimed to have received $120 million as ransom which was channelled via bitcoins. Often weak security systems lead to such breaches. Several companies do not even have an updated Operating System (OS) and they are vulnerable to such cyber attacks,” he said.

Related Stories

No stories found.

X
The New Indian Express
www.newindianexpress.com