everest attacks FederalBank/Fedfina.part2

Incident Date: July 20, 2022

Overview

Title: everest attacks FederalBank/Fedfina.part2

Victim: FederalBank/Fedfina.part2

Attacker: Everest

Location: Mumbai, India; Maharashtra, India

First Reported: July 20, 2022

Ransomware Attack on Fedfina.part2

The Everest group has claimed a ransomware attack against Fedfina.part2, a financial institution. The victim's website is www.fedfina.com, and the company is based in Kochi, India. The Everest Ransomware group has issued a data leak threat and demanded a ransom to unlock the systems.

The Everest Ransomware, also known as Everbe, was launched in 2018 and is known for hacking into computer systems, encrypting them, and demanding a ransom to unlock them. The group has threatened to publish 1,130 GB of internal data and delete the decryption key if the company fails to contact them within 48 hours. The data allegedly contains financial documents, personal data, and documents of employees.

Fedfina has refused to comment on the matter, and an internal probe has been launched into the incident. The public relations company associated with the financial institution has stated that comments cannot be made without the prior permission of the Reserve Bank.

The Financial Services Sector as a Target

The financial services sector has been a favored target of several high-profile threat groups, with about 40% of ransomware incidents against financial services companies linked to Clop. Other major threat groups, including LockBit, AlphV/BlackCat, Royal, and Black Basta, have also targeted financial services companies.

Financial institutions handle trillions of dollars each day and are highly interconnected, relying on a great deal of technology from third-party vendors. The continued threat of cyber disruption places enormous pressure on these businesses, as they risk systemic damage. In recent months, regulators have been cracking down on cybersecurity compliance, with the Federal Trade Commission amending its Safeguards Rule to require nonbank financial institutions to report any breach involving the data of more than 500 customers. New York State's Department of Financial Services has also taken action, reaching a $1 million settlement with First American Title Insurance over allegations the company exposed hundreds of customers' data.

The ransomware attack on Fedfina.part2 highlights the ongoing threat of cyber disruption in the financial services sector. The company's vulnerabilities include the handling of sensitive financial data and the reliance on third-party vendors for technology services. The incident underscores the need for robust cybersecurity measures and regulatory oversight to protect against such attacks.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous cyber threat to businesses and organizations today, and the most impactful both financially and informationally.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.