everest attacks FederalBank/Fedfina.part4

Incident Date:

July 26, 2022

World map



everest attacks FederalBank/Fedfina.part4






Pankha Rd, India

Delhi, India

First Reported

July 26, 2022

Ransomware Attack on FederalBank/Fedfina

FederalBank/Fedfina, a subsidiary of Federal Bank, has been targeted by the ransomware group Everest. The attack was announced on the dark web leak site, and the victim's website is linked. Fedfina operates in the Finance sector and is currently in the process of initiating an Initial Public Offering (IPO).

Company Size and Industry Standout

Federal Bank is a leading private sector bank in India, with a market capitalization of approximately Rs 10,000 crore as of January 12, 2022. The bank has a strong presence in the retail banking segment and has been expanding its footprint in the corporate and investment banking segments.

In the Finance sector, Federal Bank stands out for its focus on digital transformation and customer-centric services. The bank has been investing in technology to enhance its digital capabilities and improve customer experience.

Vulnerabilities and Targeting

Ransomware attacks are a significant threat to the financial sector, as they can disrupt critical operations and expose sensitive information. The attack on Fedfina highlights the need for robust cybersecurity measures to protect against such threats.

The ransomware group Everest exploited a vulnerability in the victim's systems to gain access and deploy the ransomware. The exact nature of the vulnerability is not disclosed, but it is likely that the attackers took advantage of an unpatched software or hardware flaw.

To mitigate the risk of ransomware attacks, banks should implement a defense-in-depth strategy, which includes a combination of security controls such as antivirus/antimalware software, endpoint hardening, and data loss prevention software. Regular patching and vulnerability remediation are also crucial to prevent attackers from exploiting known vulnerabilities.

The ransomware attack on FederalBank/Fedfina underscores the importance of robust cybersecurity measures in the financial sector. Banks must continuously assess their risk management programs and comply with the provisions of their cyber insurance policies to protect against financial losses.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.