Funksec Ransomware Group Targets Fuse.io in Major Cyberattack

The emerging ransomware group Funksec has claimed responsibility for a significant cyberattack on Fuse.io, a blockchain platform known for its innovative Web3 payment solutions. This attack highlights the vulnerabilities faced by companies operating in the rapidly evolving blockchain sector.

About Fuse.io

Founded in 2019 and headquartered in Dublin, Ireland, Fuse.io is a prominent player in the blockchain ecosystem, focusing on Web3 and decentralized finance (DeFi). The company provides a comprehensive suite of infrastructure tools designed to facilitate the development of blockchain applications and payment solutions. With a team of 29 to 51 employees, Fuse.io has processed over 128 million transactions, emphasizing low-cost, mobile-first solutions that cater to businesses and developers. The platform's standout features include low transaction fees and advanced technologies like Account Abstraction and zero-knowledge proofs, which enhance transaction security and speed.

Details of the Attack

Funksec claims to have exfiltrated over 100 GB of data from Fuse.io, including complete ROCKSDB files with millions of records. The stolen data reportedly contains logs, metadata, secret hashes, session details, system information, transaction records, network secrets, API keys, cookies, and authentication tokens..

Funksec Ransomware Group

Funksec, first observed in December 2024, has quickly gained notoriety in the cybercrime landscape. The group employs double extortion tactics, combining data exfiltration with encryption to pressure victims. Their Tor-based data-leak site hosts breach announcements and a free DDoS tool, indicating a potential expansion of their ransomware operations. Funksec's activities suggest a diversification of extortion methods, possibly operating as a data broker alongside their ransomware campaigns.

Sources

• Ransomware.live Post
• Fuse.io
• EdgeIn - Fuse.io
• Fuse News