Threat actors operating the Vice Society forum, a notorious ransomware group published a document from their victims which included Duty-Free Philippines.

 

Duty Free Latest Victim by the operator behind Vice Society
Figure 1: Vice Society announcement of the stolen data from Duty-Free Philippines

What is Duty-Free?

Duty-Free Stores are retail establishments licensed by the government to sell duty- and tax-free merchandise for the convenience of travelers.

Duty-free can be found at the Fiestamall, NAIA Terminal 1, Terminal 2, Terminal 3, Luxe, Kalibo International Airport, Iloilo International Airport and Mactan International Airport.

Foreign and regular travelers are entitled to a tax-exempt maximum purchase of USD 1,0000 and the purchase must be made within 48 hours upon arrival.

Who is Vice Society?

Vice Society is a known ransomware group targeting different infrastructures from all over the world. Recently, the group published stolen documents from their victim located in Asia, Duty-Free Philippines. The criticality of this leak or breach is important as the documents include sensitive information about the victim, its employee and customers.

According to CISA, Vice Society is an intrusion, exfiltration, and extortion hacking group that first appeared in the summer of 2021. They are known for deploying Hello Kitty/Five Hands and Zeppelin ransomware.

However, the group has switched its operation since December of 2022 to implement a strong hybrid encryption scheme that is based on NTRUEncrypt and ChaCha20-Polu1303 based on the BleepingComputer report.

 

Duty-free Philippines stolen documents not only provide criticality to their customers, and employees but it is also posed a security threat as the data includes sensitive information of the entity such as the architectural design of the airports in the country Philippines.

 

Leave a Reply