The South Asian hacking collective FunkSec has put up data from Nepal’s Ministry of Federal Affairs and General Administration for sale on the dark web, priced at $50.
A new Tor-based dark web marketplace operated by a self-proclaimed “cybercrime group” named ‘FunkSec’ has recently emerged. This group has claimed 11 victims to date and promotes a free Distributed Denial-of-Service (DDoS) tool.
As of December 3, 2024, FunkSec has targeted 11 victims across various sectors, including media, IT, retail, education, automotive, professional services, and NGOs, spanning countries like the United States, Tunisia, India, France, Thailand, Peru, Jordan, and the United Arab Emirates.
Advertised as a ransomware group, FunkSec’s dark web platform features a “RANSOM” page, suggesting the use of a double extortion strategy. This method involves encrypting and exfiltrating files from the victim’s devices, according to Cyjax.
Known for their politically and ideologically driven cyberattacks, FunkSec also advertised access to the super admin panels of four government websites, including the Nepal’s ministry’s portal. These panels reportedly oversee sensitive information such as budgetary details, municipal records, and official directives. The group’s dark web post emphasizes the ministry’s pivotal role in coordinating and supporting local governments in Nepal. Nepal’s media confirms that Ministry spokesperson Kali Prasad Parajuli mentioned he was unaware of the breach, but cybersecurity platforms like Ransomware Live and Onju.com confirmed that the ministry’s website had been compromised last August, with the Bangladeshi hacker group Anonymous Bangladesh taking responsibility.