Emerging Ransomware Group FunkSec Claims Over 80 Cyberattacks in December 2024
A newly emerged ransomware group known as FunkSec is making waves in the cybercrime landscape, reportedly claiming responsibility for over 80 cyberattacks throughout December 2024. According to a recent report by cybersecurity firm Check Point, the group operates through a unique blend of hacktivism and cybercrime, drawing in inexperienced actors eager for recognition.
FunkSec’s ransomware, developed using the Rust programming language, is believed to be partially the result of artificial intelligence assistance. Check Point’s investigation suggests that the malware’s original developer, possibly an amateur programmer from Algeria, may have unintentionally shared fragments of its source code online. This marks a concerning trend, where less experienced individuals could inadvertently contribute to larger cyber threats.
Employing a ransomware-as-a-service (RaaS) model, FunkSec executes a double extortion strategy, pressuring victims to pay ransom demands while threatening to publicly release sensitive data. The group recently launched a data leak website that features additional malicious tools, including a distributed denial-of-service (DDoS) utility and advanced password-scraping applications.
The origins of FunkSec can be traced back to October 2024, under the aliases "Scorpion" and "DesertStorm," with other individuals like “El_Farado” believed to be allies. The group has also aligned with past hacktivist factions such as Ghost Algéria.
Despite their apparent inexperience and reliance on AI-generated content to bolster their operations, FunkSec has attracted notable attention in cybercrime forums. With low ransom demands, sometimes as little as $10,000, they have even been observed reselling stolen data at discounted rates.
The rise of FunkSec underlines the evolving nature of cyber threats, raising alarms about their inventive yet alarming use of artificial intelligence in malicious activities.