Ransomware Attack on Popular Mental Wellness App Level SuperMind by KillSec

Incident Date: August 22, 2024

Overview

Title: Ransomware Attack on Popular Mental Wellness App Level SuperMind by KillSec
Victim: Level SuperMind (level.game)
Attacker: KillSec
Location: Mumbai, India
First Reported: August 22, 2024

Ransomware Attack on Level SuperMind by Kill Security Group

Level SuperMind, an innovative app designed to enhance mental performance through mindfulness and wellness practices, has fallen victim to a ransomware attack by the notorious Kill Security group. The app, developed by Level Fittech Private Limited, aims to make mental fitness as culturally relevant as physical fitness, offering a comprehensive suite of features to improve focus, creativity, memory, and overall cognitive function.

Company Overview

Founded in 2021 in Mumbai, India, by Harshil Karia, Ranveer Allahbadia, and Ayush Anand, Level SuperMind has quickly gained recognition in the wellness and fitness services sector. The app has been named Google's Best App on Play in India for 2023, reflecting its popularity and positive impact on users. With over 800,000 downloads and an impressive average rating of 4.8 from more than 10,000 consumer ratings, the app stands out for its use of artificial intelligence to personalize user experiences and gamify engagement.

Attack Overview

The ransomware group Kill Security has claimed responsibility for the attack on Level SuperMind. The group has reportedly exfiltrated sensitive data, including full names, email addresses, passwords, device information, IP addresses, geolocation, payment details, and operational data. The attackers have demanded a ransom of $25,000, with a deadline set for September 5. Kill Security has threatened to publish the stolen data within 14–15 days if their demands are not met.

About Kill Security

Kill Security, also known as KillSec, is a ransomware group known for targeting various industries and countries. The group has been active in sectors such as government, manufacturing, defense, professional services, banking, finance, and sports. They use a variety of communication channels, including Telegram, Session Messenger, and Tox, and prefer Monero (XMR) cryptocurrency for ransom payments. The group is tracked by cybersecurity platforms like ID Ransomware and Ransom-DB.

Penetration and Vulnerabilities

While the exact method of penetration remains unclear, it is likely that Kill Security exploited vulnerabilities in Level SuperMind's cybersecurity infrastructure. Common attack vectors include phishing emails, unpatched software, and weak password policies. Given the sensitive nature of the data exfiltrated, it is evident that the attackers had access to critical systems and databases.

Impact and Implications

This attack highlights the ongoing threat of ransomware to organizations worldwide, particularly those in the software and wellness sectors. The exfiltration of sensitive user data not only jeopardizes the privacy of Level SuperMind's users but also poses significant operational and reputational risks to the company. As Level SuperMind navigates this crisis, the incident serves as a stark reminder of the importance of comprehensive cybersecurity measures.

Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing near real-time tracking of ransomware attacks, groups, and their victims. Given threat actors’ broad and lucrative success so far, ransomware attacks have become the most ubiquitous and the most financially and informationally damaging cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.