DealPlexus Breach by Funksec Exposes Sensitive Client Data

Incident Date: Dec 11, 2024

Attack Overview
Victim: DealPlexus
Industry: Finance
Location: India
Attacker: Funksec
First Reported: December 11, 2024

Ransomware Attack on DealPlexus: A Closer Look at the Funksec Breach

In a significant cybersecurity incident, the ransomware group Funksec has claimed responsibility for a data breach targeting DealPlexus, a financial services platform based in India. This attack has exposed sensitive information, including IDs, Gmail addresses, phone numbers, and approximately 30,000 lines of additional data. The breach also compromised source code, secret hashes, secret keys, and complete database tables, posing a severe threat to the company's operations and client trust.

DealPlexus: A Financial Services Innovator

DealPlexus operates as a comprehensive financial services platform, connecting finance professionals with a diverse range of financial products and services. Based in Gurgaon, India, and operating under the registered name Jindagi Live Digital Private Limited, the company employs a small but specialized team of 1 to 50 employees. DealPlexus is known for its innovative programs like the DP Buddy Program, DP Saarthi, and DP Venture Partner, which facilitate business transactions and empower clients with tailored financial solutions. The company's commitment to personalized service and a connected financial ecosystem distinguishes it in the finance sector.

Funksec: An Emerging Cyber Threat

Funksec, first observed in December 2024, has quickly gained notoriety in the cybercrime landscape. The group employs double extortion tactics, combining data exfiltration with encryption to pressure victims. Their Tor-based data-leak site hosts breach announcements and a free DDoS tool, indicating a potential expansion of their ransomware operations. Funksec's activities suggest a dual role as a ransomware group and data broker, diversifying its extortion methods to maximize impact.

Attack Overview

The breach of DealPlexus's database highlights vulnerabilities that threat actors like Funksec exploit. The attack's success may be attributed to inadequate security measures, such as insufficient encryption protocols or outdated software systems. By targeting a company with a relatively small team, Funksec likely capitalized on limited cybersecurity resources, making DealPlexus an attractive target. The exposure of sensitive data not only jeopardizes client confidentiality but also undermines the company's reputation as a trusted financial platform.
