Cybercriminals Leak Federal Government Data and Authorities React
TL;DR
The cybercriminal group Killsec announced on its Dark Web blog the intention to expose data allegedly obtained from the Federal Government. The statement, dated Monday (15), contained attachments such as personal documents and payment proofs, but did not provide details about the origin or extent of the leak.
The cybercriminal group Killsec announced on its Dark Web blog the intention to expose data allegedly obtained from the Federal Government. The statement, dated Monday (15), contained attachments such as personal documents and payment proofs, but did not provide details about the origin or extent of the leak.
Among the disclosed documents are National Driver's Licenses (CNH) and a National Register of Freight Road Transporters (RNTRC), as well as utility bills. The discovery attracted attention, as the available images are of documents not found in the official app managed by the National Traffic Secretariat (Senatran).
TecMundo Security consulted authorities about the incident. According to a communication from the Ministry of Transport, "Senatran has not identified any data leak." The CNHs mentioned in the leak are not linked to the government's system.
Authorities' Reaction to the Cyber Attack
The publication from the Killsec group set a deadline for the full disclosure of data, which would expire at 7:25 PM today (16). So far, the group's website remains in a "waiting" status, without new updates.
Killsec is known for conducting **data ransom** attacks, a method called ransomware, whose main goal is to achieve financial gains. The group describes itself as "apolitical," focusing solely on profit, which can be verified on its Dark Web site.
About the Killsec Group
The strategy of Killsec includes recruiting new members through an affiliate program, promising to form a team of pentesters. These professionals are experts in testing cybersecurity defenses through legitimate methods.
However, the group also establishes collaborations with individuals who facilitate invasions. In these cases, a portion of the profits obtained is shared with these individuals. This approach reveals an organized system that seeks to maximize financial returns through illegal activities.
Preferred targets include entities that cannot have their data encrypted, such as power plants and medical institutions, where disruptions could cause severe problems. On the other hand, police stations and legal authorities are cited as encouraged targets for Killsec's actions, as they typically do not accept defense testing services.
Although the group exploits its actions in various countries, it excludes those that have been under the influence of the Soviet Union, claiming respect for the origins of its founders.
Report in progress…
Content selected and edited with AI assistance. Original sources referenced above.
