The State Child Protection Society (SCPS) of Madhya Pradesh, a government agency tasked with implementing child protection laws, schemes, and welfare initiatives, has become the latest victim of the notorious Funksec ransomware group. The Funksec ransomware group has publicly claimed responsibility for the attack, asserting that it infiltrated 2 GB of sensitive data from the SCPS’s systems.
While the specific details about the nature of the data remain unclear, the potential exposure of sensitive child welfare information has heightened concerns among experts and stakeholders.
The SCPS plays a pivotal role in safeguarding the rights and welfare of the state’s vulnerable children. Any compromise of its data could have significant implications, including risks to children’s safety and privacy.
The Funksec ransomware group was first observed in December 2024 and has since claimed several victims in the United States, France, and India, among other countries.
For instance, in December 2024, the hacking group claimed responsibility for an alleged cyberattack on QuizTarget, an online platform popular for its interactive quiz and survey solutions. The hackers stole 6 GB of sensitive data, potentially impacting millions of users.
Funksec issued a ransom demand of $1 million to be paid before January 1, 2025; otherwise, the group will publish the data publicly.
Other victims in India include The Goods and Services Tax Practitioners Association of Maharashtra (GSTPAM), Ako Business Development Center in Pathshala, Assam, and Arka Jain University, Jharkhand.
The group operates a TOR-based DLS to centralise its ransomware operations. Along with encrypting sensitive data, the hacker group also advertises a free DDoS tool for other potential cyber crooks. Cyber security experts also believe that the group may develop a ransomware library indicating a significant growth in the group’s technological capabilities.
Moreover, Funksec has no particular target sector that they target. The group has been known to target victims across multiple sectors, including education, media, IT, and retail.
In the News: Ficora and Capsaicin botnet exploit decade-old D-Link flaws