KUALA LUMPUR – Over 300GB worth of private company files from Prasarana Holdings Bhd are now in the public domain following a ransomware attack against the public transportation provider.
Cybercriminal gang RansomHub, which claimed responsibility for the attack, had on August 25 given Prasarana one week to pay an unknown ransom amount.
On their website, which is accessible through an Onion browser, RansomHub stated that Prasarana’s files and documents are now “published” in their database.
RansomHub has yet to respond to Scoop’s queries regarding the ransom amount demanded from Prasarana.
While it remains unclear what Prasarana documents were released by RansomHub, the file names suggest data pertaining to the company’s revenue, Touch ‘n Go information, projects, and human resource matters, among other things.

RansomHub claims to be a group comprising hackers from various backgrounds but does not perform attacks against entities from countries that appear to be friendly with Russia.
According to cybersecurity firm Fortra, it is believed that the administration of the group is located in Russia or a Russia-friendly nation.
RansomHub operates a ransomware-as-a-service platform, where affiliates gain access to malicious tools to perform hacks.
With the ransomware in hand, hackers attempt to gain access to a company or entity’s network, possibly through a phishing email or other means.
Once a network has been successfully infiltrated, the company is unable to access the compromised files unless it pays a ransom to the hackers.

It is believed that because RansomHub published Prasarana’s files following the countdown, the company may not have paid the ransom demanded to regain access to its network.
Prasarana has yet to respond to Scoop’s request for a comment on the matter.
On August 26, Prasarana confirmed that it was the victim of a ransomware attack in a statement to the press.
Prasarana said that the attack involved unauthorised access to the company’s internal system, adding that its cybersecurity team is handling the situation. – September 3, 2024