Ransomware Group: APT73

VICTIM NAME: icicibank[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the APT73 Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The recent ransomware leak details regarding ICICI Bank based in India presents significant concerns within the financial services sector. The leak encompasses sensitive information related to large numbers of employees and users, with approximately 63,778 employees and 40,686 users affected. Furthermore, the data involves interactions with 392 third-party entities, including 116 distinct domains associated with those third parties. The published date of the leak is recorded as January 21, 2025, which indicates an ongoing threat to information security in the banking domain.

The page reveals that the hacking group responsible for this incident goes by the name “apt73.” Visual evidence from the leak is available, showcasing screenshots that indicate the extent of the data breach and the variety of information that may have been accessed or exfiltrated. While specific download links are not shared here, their presence is indicated in the leak. The significance of this breach stretches across the banking industry in India, highlighting the critical need for enhanced security measures and a thorough investigation into this incident to protect both personal and corporate data.