The Killsec ransomware group claims to have breached several companies, posting them on its dark web leak site. The victims operate in the financial technology and brokerage sectors, with the threat actors threatening to release sensitive customer data if their ransom demands are not met.
The latest list of alleged victims posted by the group includes:
- xChief (🇰🇲): An online forex and CFD broker headquartered in Fomboni, Comoros. Established in 2014, the firm, formerly known as ForexChief, serves a global clientele.
- WalletKu Indompet Indonesia (🇮🇩): A digital payment and lifestyle platform based in Indonesia that provides a wide range of services, including mobile credit top-ups, bill payments, and e-wallet services.
According to the actor, the allegedly compromised data includes a significant amount of sensitive customer Know Your Customer (KYC) information. The proof-of-hack images show individuals holding their government-issued identification cards. The compromised data includes:
- Full names
- Photos of individuals
- Government-issued identification documents
- Dates of birth
- Addresses
