Skip to content

Indian EdTech platform Wissenhive targeted by ransomware group

  • by
  • 2 min read

Indian edtech platform Wissenhive has fallen prey to a ransomware attack by the FunkSec group. The attackers claim to have accessed and leaked over 32,000 records containing sensitive data from 2021 to 2022, including admin details, hashed passwords, and personal identifiers.

The leak involves sensitive data such as admin emails, hashed passwords, contact names, and additional identifying data. While the database size may be modest compared to some breaches, its contents raise significant privacy and security concerns.

This data leak can lead to additional phishing attacks where scammers can conduct cyber fraud operations on victims.

Wissenhive has built a reputation as a leading online marketplace, offering certification courses in high-demand areas such as Data Science, Project Management, and other cybersecurity courses.

The FunkSec ransomware group emerged in September 2024. Their main motivation is financial gain through victim extortion. Moreover, the ransomware group is expanding to various sectors such as information technology (IT), retail, education, automotive, professional services, and non-governmental organisations (NGOs).

This ransomware group expanded to the United States, Tunisia, India, France, Thailand, Peru, Jordan, and the United Arab Emirates.

In India, too, the group has targeted several governmental and non-governmental entities. The government agencies include The Goods and Services Tax Practitioners Association of Maharashtra (GSTPAM), and Madhya Pradesh’s State Child Protection Authority (SCPS), among others.

Non-governmental organisations include the Ako Business Development Center in Pathshala, Assam, QuizTarget and Arka Jain University, Jharkhand.

Experts observed that the group operates a TOR-based DLS to centralise its ransomware operations. Along with encrypting sensitive data, the hacker group also advertises a free DD0S tool for other potential cyber crooks.

They also believe that the group may develop a ransomware library, which indicates significant growth in the group’s technological capabilities.

A new research by experts revealed that the FunkSec group is managed by amateur threat actors who are using artificial intelligence (AI) to upgrade and improve their malware and other tools. This means that the FunkSec operators lack technical know-how. This also shows how advancements in AI can lead amateurs to upgrade hacking tools and software.

In the News: Microsoft sues cybercriminals abusing its AI services

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: kumarhemant@pm.me

>