Rupicard Hit by Killsec Ransomware Exposing 600GB of Data
Incident Date:
September 10, 2024
Overview
Title
Rupicard Hit by Killsec Ransomware Exposing 600GB of Data
Victim
Rupicard
Attacker
Killsec
Location
First Reported
September 10, 2024
Rupicard Falls Victim to Killsec Ransomware Attack
Rupicard, an innovative financial service provider in India, has recently fallen victim to a ransomware attack orchestrated by the notorious cybercriminal group Killsec. The attack has resulted in the exfiltration of over 600 GB of sensitive data, including millions of credit score records.
Overview of Rupicard
Rupicard is a financial technology startup based in Bengaluru, India, focusing on providing accessible credit card solutions tailored for the Indian market. The company aims to democratize access to credit cards, particularly for those who are financially underserved, including small businesses and individuals in Tier-2 cities. Their primary offering, the Rupicard FD Credit Card, operates on a secured credit model, helping users build or improve their credit scores.
Attack Details
The ransomware group Killsec has claimed responsibility for the attack on Rupicard via their dark web leak site. The attackers successfully infiltrated Rupicard's systems and exfiltrated a significant amount of sensitive data. The perpetrators have left a message indicating their willingness to negotiate, urging the company to contact them for offers.
About Killsec
Killsec, also known as Kill Security, is a ransomware group known for targeting various industries and countries. The group has been active in sectors such as government, manufacturing, defense, professional services, banking & finance, and sports & gaming. They use a variety of communication channels and crypto wallets to conduct their operations, often demanding significant extortion amounts from their victims.
Vulnerabilities and Penetration
Rupicard, being a small to medium-sized enterprise with a workforce ranging from 11 to 50 employees, may have been particularly vulnerable to such an attack due to limited cybersecurity resources. The exact method of penetration remains unclear, but common tactics include phishing emails, exploiting software vulnerabilities, and leveraging weak security protocols. The attack on Rupicard underscores the importance of comprehensive cybersecurity measures, especially for financial institutions handling sensitive data.
Sources
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.