Notorious ransomware group ALPHV, also known as BlackCat, has claimed responsibility for a targeted attack on Bangladesh Krishi Bank. According to a post by ALPHV on July 7, 2023, the hackers successfully breached the bank’s security, gaining access to sensitive data and paralysing its operations.
ALPHV, also referred to as ALPHV-ng, BlackCat, and Noberus, is a ransomware-as-a-service (RaaS) group that emerged in November 2021. This notorious threat actor employs the triple-extortion technique to target organisations globally, spanning various sectors.
According to the ALPHV post, On June 21, 2023, ALPHV infiltrated Bangladesh Krishi Bank’s network, extracting over 170gb of crucial information. Their presence went undetected for 12 days, allowing them ample time to study internal documentation and steal valuable data with impunity.
The compromised information includes highly sensitive financial records such as account details, statements, and tax information. The hackers also acquired employee data, including emails, passport copies, labour papers, and employment contracts, potentially exposing the personal information of the bank’s staff. The threat group also obtained the bank’s SQL backup on June 19th, 2023.
“We are here to inform you about data breach which took place at the “Bangladesh Krishi Bank” network on June 21th 2023. As a result of this breach our team had downloaded over 170Gb of sensitive data from this network. Also we have encrypted all servers and data stored there. We have infiltrated Krishi Bank network and stayed there for 12 days, it was enough to study their documentation and download everything was needed,” said the ALPHV post.