Hackers allegedly breach ICICI bank, demand ransom by Jan 24


The Bashe hacking group has claimed responsibility for an alleged cyber breach targeting ICICI, one of India’s largest and most prominent private sector banks. The group, known for its high-profile ransomware attacks, has set a deadline of January 24 for the bank to comply with its undisclosed demands.

Failure to meet this deadline could result in the release of the compromised data, a move that could have severe repercussions for the bank, its customers, and the broader financial sector in India.

Notably, the Government of India has declared ICICI’s IT infrastructure ‘critical information infrastructure.’ The Reserve Bank of India (RBI) also considers ICICI one of the Domestic Systemically Important Banks (D-SIBs).

We have contacted ICICI Bank and will update this report as soon as we get a comment.

Bashe, also known as APT73 or Eraleig ransomware, is a recent entrant to the cyber threat landscape. Experts believe that this ransomware is a spinoff from the LockBit ransomware group.

The group operates via the Tor network and has infrastructure based in the Czech Republic. Bashe ransomware is hosted on AS9009, identified by its Autonomous System Number (ASN). Other cyber-criminal gangs such as DarkAngels, Vice Society, TrickBot, Meduza Stealer, and Rimasuta have also used this platform.

Bashe has been known to target the United States, Canada, the United Kingdom, France, Germany, India, Australia, and Indonesia, focusing on high-value sectors such as technology, business services, manufacturing, logistics, healthcare, and construction.

India has been under constant pressure from cybercriminals. In 2024, India recorded 369 million cyber attacks, averaging 702 per minute.

Last year, in August, C-Edge Technologies Ltd., a service provider for cooperative and small banks, became a victim of a ransomware attack. In April 2024, a glitch in ICICI Bank’s iMobile Pay app revealed the credit card information of approximately 17,000 customers.

In 2023, a misconfigured ICICI Bank cloud storage leaked 3.6 million records, including passport details, PAN cards, filled Know Your Customer (KYC) forms, bank account details, credit card numbers, full names, dates of birth, home addresses, phone numbers, and emails.

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me
