Financial Institution MIDF Berhad Falls Victim to Group Rhysida
Incident Date:
April 7, 2024
Overview
Title
Financial Institution MIDF Berhad Falls Victim to Group Rhysida
Victim
Malaysian Industrial Development Finance
Attacker
Rhysida
Location
First Reported
April 7, 2024
MIDF Berhad: A Target for Ransomware Attacks
Company Overview
The financial institution based in Malaysia MIDF Berhad is a significant player in the financial sector and has recently been targeted by the ransomware group rhysida. It operates in three core business areas: investment banking, development finance, and asset management. The company's annual report for 2023 is available on the Securities Commission Malaysia's website.
MIDF offers a range of financial services to businesses while committing to security awareness, as evidenced by their security awareness page on their website. They provide guidance on how to avoid scams and phishing attempts, emphasizing the importance of verifying sources before sharing personal information or transferring funds.
Vulnerabilities and Threats
The Rhysida Ransomware Group has been observed to threaten victims with public distribution of the exfiltrated data, bringing them in line with modern-day multi-extortion groups. These attacks can cause significant disruptions and monetary losses in the finance sector, as seen in the case of the Industrial and Commercial Bank of China's ransomware attack in the U.S.
The specific vulnerabilities are not detailed in the available information. However, cybersecurity threats, including ransomware attacks, have been observed to be on the rise in Malaysia
Sources:
- MIDF Berhad - Discover More About MIDF
- Securities Commission Malaysia - Annual Report 2023
- MST Golf Group Berhad - Notice Accompanying the Electronic Prospectus
- MIDF Berhad - Security Awareness
- Sime Darby Berhad - Annual Report 2023
- Moomoo - World's Largest Bank Industrial and Commercial Bank of China's Ransomware Attack
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.