Ransomware Attack on Concash by KillSec Shakes Fintech Sector

Incident Date: Oct 28, 2024

Attack Overview

Victim: ConCash
Industry: Finance
Location: Brazil
Attacker: KillSec
First reported: October 28, 2024

Ransomware Attack on Concash: A Detailed Analysis

The ransomware group KillSec has claimed responsibility for a recent cyberattack on Concash, a Danish financial technology company. This attack has raised significant concerns within the fintech sector, given Concash's role in facilitating secure consortium investments.

About Concash

Concash, officially known as Concash ApS, is based in Haarby, Syddanmark, Denmark. The company operates in the financial technology sector, focusing on the secondary market for consortia. This involves financial arrangements that allow individuals to pool resources for collective purchasing power, often in real estate or vehicle purchases. Concash is known for its secure transaction methods, which are crucial in the fintech industry where trust is paramount. The company is affiliated with BTG Pactual, a major player in the financial sector, which enhances its credibility and operational capacity.

Details of the Attack

The attack on Concash was executed by the KillSec ransomware group, which has threatened to release sensitive data within a week. The compromised information reportedly includes personal details such as names, CPF numbers, addresses, and birthdates, as well as financial data like bank account details and consortium contractual information. The attackers have shared sample screenshots of the data on their dark web portal to substantiate their claims.

About KillSec

KillSec, also known as Kill Security, is a notorious ransomware group that has targeted various industries, including finance, government, and manufacturing. The group is known for its use of multiple communication channels and crypto wallets, primarily using Monero (XMR) for transactions. KillSec has been active in several countries, including the United States, United Kingdom, and India, demanding extortion amounts ranging from 1,500 to 10,000 EUR. The group is tracked by cybersecurity platforms like ID Ransomware and Ransom-DB.

Potential Vulnerabilities

Concash's focus on secure transactions makes it a prime target for ransomware groups like KillSec. The company's involvement in handling sensitive financial data and its international operations could have exposed it to vulnerabilities. The exact method of penetration remains unclear, but it is likely that the attackers exploited weaknesses in Concash's cybersecurity infrastructure, possibly through phishing or exploiting unpatched software vulnerabilities.
