A Pune-based automobile parts manufacturer suffered a loss of ₹2.35 crore due to a sophisticated man-in-the-middle (MITM) cyber attack. Fraudsters impersonating executives from an Italian manufacturing firm intercepted business communications and redirected payments to fraudulent accounts. The attack involved advanced email spoofing techniques, including domain spoofing and typosquatting, to intercept communications during a legitimate business transaction for purchasing a press bending machine worth ₹3.1 crore. The fraud was detected when the Pune company contacted the genuine Italian firm's sales executive.
Source: https://cybersecuritynews.com/pune-auto-parts-firm-loses-%E2%82%B92-35-crore/
TPRM report: https://scoringcyber.rankiteo.com/company/atul-enterprises-india
{
  "id": "atu608071425",
  "linkid": "atul-enterprises-india",
  "type": "Cyber Attack",
  "date": "7/2025",
  "severity": "60",
  "impact": "2",
  "explanation": "Attack limited on finance or reputation"
}
{'affected_entities': [{'industry': 'Automobile Parts',
                        'location': 'Pune, India',
                        'name': 'Pune-based automobile parts manufacturer',
                        'type': 'Manufacturer'}],
 'attack_vector': 'Email Spoofing, Domain Spoofing, Social Engineering',
 'date_detected': 'June 2025',
 'description': 'A Pune-based automobile parts manufacturer fell victim to a '
                'sophisticated man-in-the-middle (MITM) cyber attack, '
                'resulting in a loss of ₹2.35 crore. The attackers intercepted '
                'business communications and redirected payments to fraudulent '
                'accounts.',
 'impact': {'financial_loss': '₹2.35 crore'},
 'initial_access_broker': {'entry_point': 'Email Spoofing',
                           'high_value_targets': 'Payment transactions'},
 'lessons_learned': 'Deploy multi-factor authentication (MFA), implement '
                    'SSL/TLS encryption for all email communications, '
                    'establish DMARC policies, conduct regular security '
                    'audits, provide cybersecurity awareness training, verify '
                    'payment instructions through direct telephonic '
                    'conversations, implement a dual-approval process for '
                    'high-value transactions.',
 'motivation': 'Financial Gain',
 'post_incident_analysis': {'corrective_actions': 'Deploy multi-factor '
                                                  'authentication (MFA), '
                                                  'implement SSL/TLS '
                                                  'encryption for all email '
                                                  'communications, establish '
                                                  'DMARC policies, conduct '
                                                  'regular security audits, '
                                                  'provide cybersecurity '
                                                  'awareness training, verify '
                                                  'payment instructions '
                                                  'through direct telephonic '
                                                  'conversations, implement a '
                                                  'dual-approval process for '
                                                  'high-value transactions.',
                            'root_causes': 'Lack of end-to-end encryption in '
                                           'standard email protocols, Absence '
                                           'of proper email authentication '
                                           'mechanisms'},
 'recommendations': 'Deploy multi-factor authentication (MFA), implement '
                    'SSL/TLS encryption for all email communications, '
                    'establish DMARC policies, conduct regular security '
                    'audits, provide cybersecurity awareness training, verify '
                    'payment instructions through direct telephonic '
                    'conversations, implement a dual-approval process for '
                    'high-value transactions.',
 'references': [{'source': 'Indian Express'}],
 'response': {'law_enforcement_notified': 'Yes'},
 'threat_actor': 'Unknown cybercriminals',
 'title': 'Man-in-the-Middle Attack on Pune-based Automobile Parts '
          'Manufacturer',
 'type': 'Business Email Compromise (BEC)',
 'vulnerability_exploited': 'Lack of end-to-end encryption in standard email '
                            'protocols, Absence of proper email authentication '
                            'mechanisms'}