A ransomware group has claimed the scalp of Melbourne-headquartered company ThinkMarkets, with employee and financial data potentially compromised.
Australian online brokerage ThinkMarkets has suffered what appears to be a serious data breach.
A ransomware group calling itself Chaos listed the company in an 8 December post to its dark web extortion site, one of two victims shared that day.
The hackers claim to have stolen 512 gigabytes of data and have published it online. The data appears to be legitimate and includes a wealth of company data, including human resources information, details of customer disputes, legal advice and company policies, and trading information.
Cyber Daily observed several passport scans of ThinkMarkets employees, alongside know-your-customer records of several clients.
Chaos obscures the details of each of its victims, listing only a publication date and data volume. Presumably, when ransom negotiations break down, the hackers reveal the victim and its data.
ThinkMarkets has not responded to Cyber Daily’s request for comment.
Who is Chaos?
Chaos is another relatively new group, first observed in February this year, and not nearly as active – it’s only claimed 28 victims in that time.
According to analysts at Talos Intelligence, the group is very active in promoting its ransomware on Russian-language hacking forums and advertising for affiliates.
“They emphasise that the new Chaos ransomware software is compatible with Windows, ESXi, Linux and NAS systems, with features such as individual file encryption keys, rapid encryption speeds and network resource scanning – all with a strong emphasis on high-speed encryption and robust security measures,” Talos said in a July blog post outlining the group.
“Additionally, the group provides an automated panel for managing targets and communications, which requires a paid entry fee that is refundable upon the first case of payment. They have also clearly stated in their dark web forum post that they explicitly avoid collaborating with BRICS/CIS countries, hospitals and government entities.”
Who is the victim?
ThinkMarkets is headquartered in Melbourne but has a global trading footprint with offices in the Middle East, South Africa, Europe, and the United States. First regulated under the Australian Securities and Investments Commission in 2012 under the name ThinkForex, and rebranded as ThinkMarkets in 2016, the company describes itself as “an innovative, market-leading provider of online trading services”.
“At ThinkMarkets, we are committed to enhancing the trading journey of our clients by providing them with excellent conditions, cutting-edge tools, in-depth educational resources and world-class customer support,” it said.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.