KillSec Ransomware Group Compromises Delhi Police

The KillSec ransomware group has compromised the Delhi Police. The breach involves detailed traffic violation data, including violation ID / notice no, RC number, geo-location, offenses, sender name, mobile, source, date and time, status, media, and action, with a total of 254,629 traffic violations recorded as of 2.04.24. The Delhi Police is the law enforcement agency for the National Capital Territory of Delhi in India. The strength of Delhi Police is above 76,000, with six ranges, 15 districts, and 209 police stations in Delhi. Today, Delhi Police is perhaps the largest metropolitan police force in the world, larger than London, Paris, New York, and Tokyo.

KillSec's First Attacks

KillSec is a new ransomware group that has carried out its first attacks. The gang describes itself as a cyber security team and has targeted many organizations. The group's brazenness is clear in their public announcements and communications. They went on Telegram on October 25, 2023, to advertise their ransomware operations, revealing their intent to disrupt and profit from their illegal activities. Subsequent attacks on high-profile organizations such as the Romanian Police and Paschim Bengal Gramin Bank underscore their audacity and ability.

Operational Sophistication

KillSec operates with a level of sophistication that is hard to believe, given that the group is in its infancy. Making use of a TOR domain and a Nginx server ensures anonymity and efficiency in its operations. Moreover, it demands payment in XMR (Monero), a privacy-focused cryptocurrency, which adds another layer of complexity to the task of tracking and apprehending the malefactors.