fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Subway Marketing System Hacked To Send TrickBot Malware Emails

Subway Marketing System Hacked To Send TrickBot Malware Emails

Subway UK has disclosed that a hacked system used for marketing campaigns is responsible for the malware-laden phishing emails sent to customers yesterday.

Starting yesterday, Subway UK customers received strange emails from ‘Subcard’ about a Subway order that was placed. Included in the email were links to documents allegedly containing confirmation of the order.

Subway UK phishing email
Subway UK phishing email
Source: Twitter

After analyzing these phishing emails, it was discovered that they were distributing malicious Excel documents that would install the latest version of the TrickBot malware.

TrickBot is a nasty malware infection that allows attackers to steal saved browser passwords, spread throughout a network, steal browser cookiessteal RDP, VNC, and PuTTY Credentials, and much more. Even worse, TrickBot may eventually provide access to the Ryuk or Conti ransomware operations.

Also Read: How Bank Disclosure Of Customer Information Work For Security

As these emails contained a customer’s name and were using email addresses that some users created specifically for Subway, it caused suspicion that Subway had been breached somehow.

When we contacted Subway yesterday about this phishing campaign, we received a response that alluded to a ‘disruption’ of some sort on their email systems.

“We are aware of some disruption to our email systems and understand some of our guests have received an unauthorised email. We are currently investigating the matter and apologise for any inconvenience. As soon as we have more information, we will be in touch, until then, as a precautionary measure, we advise guests delete the email,” a Subway spokesperson told BleepingComputer.

Subway confirms a hacked server used in attack

After sending multiple emails to Subway about the ‘disruption’ seen on their system, the company disclosed that a server responsible for their email campaigns had been hacked to send out the phishing emails.

“Having investigated the matter, we have no evidence that guest accounts have been hacked.  However, the system which manages our email campaigns has been compromised, leading to a phishing campaign that involved first name and email. The system does not hold any bank or credit card details.”

“Crisis protocol was initiated and compromised systems locked down. The safety of our guests and their personal data is our overriding priority and we apologise for any inconvenience this may have caused,” Subway said in a statement to BleepingComputer.

Subway has also started to send disclosure emails to affected customers that states that the customer’s first name and last name were exposed in the attack.

Subway UK email disclosure regarding attacks
Subway UK email disclosure regarding attacks
Click image for full size.

If you received this email and mistakenly opened the malicious Excel document, you can check for the current version of TrickBot by opening Task Manager and looking for a process named ‘Windows Problem Reporting.’ If that process is found, click on the ‘End Task’ button, as shown by the red arrow below, to terminate it.

Also Read: Data Protection Framework: Practical Guidance For Businesses

End Windows Problem Reporting process
End Windows Problem Reporting process

Now perform a thorough scan of your computer using antivirus software and clean anything that is found.

BleepingComputer has once again reached out to Subway to determine how many people were affected and if any other customer information was stored on that server. We have not received a response at this time.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us