A threat actor claims to have breached Kiple, a Malaysian company specializing in digital payment solutions. According to a post on a dark web forum, the incident occurred in October 2025, resulting in the theft of the company’s source code. Kiple, a Greenpacket company, provides services including e-wallets, Visa prepaid cards, and e-wages for salary disbursements, and is a partner of Visa and Alibaba Cloud. The leak appears to encompass a wide range of the company’s internal and external-facing projects.
The actor claims to have stolen and leaked the company’s entire source code, posting a link to a 3.71 GB archive. Analysis of the leaked file structure suggests the compromised source code includes numerous projects and systems. According to the actor, the data includes:
- Source code for backend services, APIs, and payment gateways.
- Mobile application source code for both Android and iOS platforms.
- Frontend source code for customer and administrative portals.
- Source code for sensitive systems, including eKYC (Electronic Know Your Customer), fraud detection, and credit card processing.
- Database schemas, migrations, and configuration files.
- DevOps scripts, including Terraform infrastructure-as-code files.
