Jewels in Jeopardy: Cybersecurity Breach at Malabar Gold & Diamonds
Incident Date:
April 5, 2024
Overview
Title
Jewels in Jeopardy: Cybersecurity Breach at Malabar Gold & Diamonds
Victim
Malabar Gold & Diamonds
Attacker
Snatch
Location
First Reported
April 5, 2024
Malabar Gold & Diamonds Suffers Ransomware Attack
Company Overview
There has been ransomware attack at Malabar Gold & Diamonds, a well-established retailer in the jewelry sector, offering a wide range of products including gold, diamond jewelry, and other accessories. This attack has been carried on by the group Snatch.
Industry Standout
Malabar Gold & Diamonds is a leading jewellery retailer with an annual turnover of $4.51 billion, making it one of the largest jewellery retailers globally. The company has a strong retail network of over 285 outlets spread across 10 countries.
It stands out in the industry for its wide range of products and customer-friendly services, such as one-day shipping and various payment options. The company's focus on modern designs and trends in the jewelry sector also sets it apart from competitors.
Vulnerabilities and Targeting
Snatch group, a formidable player in the cyber threat landscape which is known for targeting various industries has been known to exploit weaknesses in Remote Desktop Protocol (RDP) as a primary method of gaining access to victim’s networks. This is often achieved through brute-forcing, where they leverage administrator credentials, sometimes even seeking compromised credentials from criminal forums and marketplaces.
While the specific details about the attack and the company's vulnerabilities are not provided in the search results, it is clear that the Snatch group targeted a well-established retailer in the jewelry industry.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.