Ransomware Attack Hits Malaysia's Pheim Unit Trusts Berhad

Incident Date: Oct 19, 2024

Attack Overview

VICTIM

Pheim Unit Trusts Berhad

INDUSTRY

Finance

LOCATION

Malaysia

ATTACKER

Sarcoma

FIRST REPORTED

October 19, 2024

Request Removal

Ransomware Attack on Pheim Unit Trusts Berhad by Sarcoma Group

Pheim Unit Trusts Berhad (PUTB), a prominent unit trust management company in Malaysia, has recently been targeted by the notorious ransomware group Sarcoma. This attack has raised significant concerns within the financial sector, given PUTB's role in managing substantial retail and Islamic investment funds.

Company Profile and Industry Standing

Established in April 2001, PUTB operates as a wholly-owned subsidiary of Pheim Asset Management Sdn Bhd. The company is licensed by the Securities Commission Malaysia and is known for its expertise in both conventional and Islamic investment mandates. With a focus on retail investors, PUTB has launched eight retail products, including five Islamic funds, which have received accolades from rating agencies like LSEG Lipper and Morningstar. The company employs between 11 to 50 individuals and reported a revenue of RM6.223 million for the financial year ending December 31, 2023.

Details of the Ransomware Attack

The Sarcoma ransomware group has claimed responsibility for the attack on PUTB, marking it as one of the 36 global entities targeted by the group as of October. The attack potentially compromised sensitive client data, which Sarcoma has allegedly obtained. Upon detection, PUTB swiftly disconnected affected servers and initiated containment strategies. The company has been transparent with stakeholders and regulatory bodies, including the Securities Commission, and has formed an Incident Response Team to address the breach.

About the Sarcoma Ransomware Group

Sarcoma is a relatively new but aggressive ransomware group that has quickly gained notoriety for its data breaches across various industries. The group operates a darknet leak site where it lists victims and provides evidence of stolen data. Sarcoma employs a double extortion strategy, threatening to leak exfiltrated data if ransom demands are not met. The group has targeted a diverse range of industries, with a slight preference for entities in the USA, Canada, Australia, and Spain.

Potential Vulnerabilities and Penetration Tactics

While specific details of how Sarcoma penetrated PUTB's systems remain undisclosed, the attack highlights potential vulnerabilities in cybersecurity defenses within the financial sector. The group's tactics often involve exploiting weak security practices, emphasizing the need for enhanced cybersecurity measures. PUTB's proactive response and collaboration with cybersecurity specialists aim to fortify their systems against future threats.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.