KillSec attacks The Kerala Police

Incident Date:

March 21, 2024

World map



KillSec attacks The Kerala Police


The Kerala Police




Thiruvananthapuram, India

Kerala, India

First Reported

March 21, 2024

KillSec Ransomware Group Attacks Kerala Police Website

KillSec ransomware group has attacked the official website of Kerala Police. It demanded the police pay a ransom of €2500 (negotiable) to regain access to the encrypted data. The compromised data included crucial information such as LockedHouse, Appointment Management, and Offense Reporting Management systems, leaving the Kerala Police grappling with the aftermath of the breach. The Kerala Police is the law enforcement agency for the Indian state of Kerala. Kerala Police has its headquarters in Thiruvananthapuram, the state capital.

KillSec: A New Threat on the Horizon

KillSec is a new ransomware group that has carried out its first attacks. The gang describes itself as a "cyber security team", and has targeted many organizations. The group's brazenness is clear in their public announcements and communications. They went on Telegram on October 25, 2023, to advertise their ransomware operations, revealing their intent to disrupt and profit from their illegal activities.

High-Profile Attacks and Modus Operandi

Subsequent attacks on high-profile organizations such as the Romanian Police and Paschim Bengal Gramin Bank underscore their audacity and ability. KillSec operates with a level of sophistication that is hard to believe, given that the group is in its infancy. Making use of a TOR domain and a nginx server ensures anonymity and efficiency in its operations. Moreover, it demands payment in XMR (Monero), a privacy-focused cryptocurrency, which adds another layer of complexity to the task of tracking and apprehending the malefactors.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.