Prolific ransomware gang LockBit has claimed responsibility for hacking one of India’s leading stockbrokers, Motilal Oswal. Indian authorities say they are aware of the incident and are investigating.
On Tuesday, LockBit added Indian brokerage giant Motilal Oswal on the dark web leak site, according to the listing seen by TechCrunch. Cybercrime groups often use their leak sites to extort ransom payments from their victims and threaten to publish the victim’s stolen data if they don’t pay.
LockBit claims it has access to “confidential company data”.
Motilal Oswal serves approximately six million clients across hundreds of cities in India and holds assets under its advice about $53 billion.
It is unclear whether the brokerage is facing any operational disruption. Motilal Oswal’s representatives did not respond to multiple emails seeking comment, but did not dispute an incident.
India’s Computer Emergency Response Team, or CERT-In, told TechCrunch in an email Thursday that it was aware of the issue and “is already in the process of taking appropriate measures.”
Established in 1987, Motilal Oswal operates a portfolio of financial services including asset and wealth management, equity and commodity trading, investment banking, institutional broking and mutual fund distribution. The financial giant also has a private equity arm called Motilal Oswal Alternatives, which has backed a number of companies, including electronics makers Dixon and VVDN Technologies, as well as startups including KreditBee.
As of 2022, LockBit has emerged as one of the most developed ransomware variants worldwide. The Russian-linked ransomware gang has carried out attacks on tech companies, including Taiwanese chipmaker TSMC, IT services firm Accenture and manufacturer Foxconn. Last year, the LockBit group also attacked Indian pharmaceutical company Granules India and India’s state-owned National Aerospace Laboratories.
