ICBC London Hit by Major Ransomware Attack from Hunters International

Incident Date: Sep 11, 2024

Attack Overview
Victim: ICBC London
Industry: Finance
Location: United Kingdom
Attacker: Hunters International
First Reported: September 11, 2024

Ransomware Attack on ICBC London by Hunters International

Hunters International, a notorious ransomware group, has claimed responsibility for a significant cyberattack on ICBC London, a branch of the Industrial and Commercial Bank of China (ICBC). The group alleges they have exfiltrated 6.6 terabytes of data, comprising over 5.2 million files, and have set a ransom deadline for September 13. This breach could have severe repercussions for ICBC London, given its extensive global financial operations and the stringent data privacy regulations in the EU and UK.

About ICBC London

ICBC London, officially known as ICBC (London) Plc, is a branch of the Industrial and Commercial Bank of China, the largest commercial bank in China. Established in 2002, ICBC London operates under the regulatory oversight of the Prudential Regulation Authority and the Financial Conduct Authority in the UK. The bank provides a comprehensive suite of financial services, including personal banking, corporate banking, and e-banking services. It plays a crucial role in facilitating international trade and investment activities between China and the UK.

Attack Overview

Hunters International claims to have stolen 6.6 terabytes of data from ICBC London, encompassing over 5.2 million files. The group has set a ransom deadline, threatening to release the data publicly if their demands are not met. This breach could lead to severe legal and compliance issues for ICBC London, particularly given the stringent data privacy regulations in regions such as the EU and UK.

About Hunters International

Hunters International is a Ransomware-as-a-Service (RaaS) group that emerged in Q3 of 2023, shortly after the disruption of the Hive ransomware group. The group's ransomware code contains significant overlap with Hive ransomware, indicating a shared technical lineage. Hunters International focuses on exfiltrating target data and extorting victims with ransom demands. The group has been detected targeting victims across various regions, including the US, UK, Germany, and Namibia.

Penetration and Vulnerabilities

While the exact method of penetration remains unclear, Hunters International is known to use tools such as the SharpRhino remote access trojan (RAT) to infiltrate networks undetected. ICBC London's extensive digital infrastructure and its role in facilitating international financial transactions make it a lucrative target for ransomware groups. The bank's reliance on e-banking services and digital platforms could have provided multiple entry points for the attackers.
