Ransomware group ‘Sarcoma’ attacks Popular Life Insurance

The "Sarcoma" ransomware group targeted an attack at the Popular Life Insurance Co Ltd, a public service companies in Bangladesh. 

According to the Bangladesh Cyber Security Intelligence (BCSI) threat intelligence team, the attackers issued a five-day ultimatum to expose the stolen data unless their demands are met. 

The BCSI further said the ransom amount is yet to be disclosed.

According to the intelligence unit, the Sarcoma is an emerging threat actor group that was first detected on 10 October 2024 and it has made a name for itself in the cybercriminal landscape. 

Among their criminal activities, they encrypt the victim's data as well as steal sensitive information to pressurise organisations to comply with their demands. 

There have been 46 victims reported so far. 

Sarcoma has already climbed to the ranks of the top 10 ransomware groups globally. 

The ADT Freight Services Australia Pty Ltd was among the group's target.

The BCSI Threat Intelligence Team reported that approximately 36GB of data, including attachments and SQL files, has been stolen. 

However, the specifics of the leaked information remain unclear. There are concerns that the breach could include Personally Identifiable Information (PII), raising alarm over potential misuse, it said in its report on Monday (18 November). 

In its report, the BCSI said, "The attack highlights a troubling trend: cybercriminals are becoming more sophisticated, deploying advanced tactics, techniques, and procedures.

"For organisations like Popular Life Insurance Co Ltd, this underscores the importance of robust cybersecurity measures. The negligence in safeguarding sensitive data has not only compromised organisational information but also potentially exposed individuals' PII."