Ransomware Hits Transak Exposing 92,554 Users' Data
Ransomware Attack on Transak: A Deep Dive into the Stormous Breach
Transak, a key player in the Web3 infrastructure sector, recently became the victim of a ransomware attack by the Stormous group. Known for its fiat-to-crypto payment gateway solutions, Transak facilitates seamless cryptocurrency transactions for users worldwide. Founded in 2019 and headquartered in New York City, the company has quickly established itself as a leader in the fintech space, offering services across 170 cryptocurrencies and 75 blockchains.
Company Profile and Industry Standing
Transak's innovative approach to cryptocurrency transactions, particularly its developer-friendly integration toolkit, sets it apart in the competitive landscape. The company is recognized for its compliance framework, being regulated in multiple jurisdictions, including the UK and the US. This regulatory compliance, coupled with a low fraud rate, underscores its commitment to security and user trust.
Details of the Attack
The Stormous ransomware group claims to have exfiltrated 300 GB of sensitive data from Transak, affecting approximately 92,554 users. The breach was executed through a sophisticated phishing attack that compromised an employee's laptop, granting access to a third-party KYC vendor's system. The stolen data includes government-issued IDs, proof of address, and user selfies, though no financial information was compromised. Transak has assured users that their funds remain secure, as the platform operates non-custodially.
Stormous Ransomware Group
Stormous distinguishes itself in the cybercriminal landscape through its aggressive tactics and significant data breaches. The group is known for its double extortion strategy, where it not only encrypts data but also threatens to leak it publicly. This approach aims to coerce victims into paying ransoms, leveraging the potential reputational damage of data exposure.
Security Vulnerabilities and Response
The attack on Transak highlights vulnerabilities in third-party vendor systems and the risks associated with phishing attacks. In response, Transak has engaged cybersecurity firms and forensic experts to investigate and secure its systems. The company is also enhancing employee training and system defenses to prevent future breaches. Affected users are advised to monitor for suspicious activity, with Transak providing resources to mitigate potential misuse of compromised information.