New Year’s Eve malware attack strikes Travelex, services still offline

How to hack a telco? This group uses cheap malware and tweaks it
Gallium hackers are using cheap and disposable malware and hacking tools to compromise telco networks.

Travelex has been forced offline and into manual mode following a malware attack launched on New Year’s Eve. 

On Thursday, the London-based currency exchange said a “software virus” compromised its services, prompting the decision to pull all services offline as a “precautionary measure.”

“Our investigation to date shows no indication that any personal or customer data has been compromised,” Travelex said in a statement posted on Twitter. 

See also: This is the impact of a data breach on enterprise share prices

At the time of writing, the Travelex UK website is inaccessible beyond a runtime error notice. 

The company has switched to manual means to continue its operations in branches, found in areas including airports and standalone, over-the-counter stores. 

Travelex has requested the assistance of third-party cybersecurity professionals to work with internal IT teams in isolating the malware infection. 

CNET: Firefox will let users delete collected data thanks to California’s new privacy law

It is not known what form of malware has impacted Travelex. Ransomware is a potential candidate, as when this form of malicious code infects a system, rapid isolation is often critical to prevent the widespread encryption of files on corporate networks. 

The decision to temporarily suspend online services has not only affected Travelex’s core business, but also other companies that rely on the firm to provide currency exchange services. 

These include Tesco Bank, the financial branch of the major UK supermarket. A screenshot posted to Twitter, dated January 2, informed customers that “planned maintenance” made foreign currency purchasing services “temporarily unavailable.” 

However, when queried, Tesco said “IT issues” at Travelex — rather than maintenance — were the root cause. Now, the domain displays the message, “We’re sorry that we can’t offer online ordering for Travel Money at this time.”

Customers must visit in-branch to order or collect their currency. 

Other currency services, including Virgin Money Travel and HSBC, however, are still displaying the “planned maintenance” message. 

TechRepublic: Alert overload is burning out security analysts

Travelex has apologized to customers and says that “we are doing all we can to restore our full services as soon as possible.” 

Previous and related coverage

Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0