Ransomware Group: FUNKSEC

VICTIM NAME: HostingExpress[.]com[.]mx

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the FUNKSEC Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to HostingExpress.com.mx, a prominent web hosting company established in 2006, based in Mexico. The company has positioned itself as a leading provider in the web hosting sector, offering a range of services that include domain registration and streaming solutions. With over 11 years of experience, HostingExpress.com.mx has catered to personal website needs as well as small to medium enterprises (PyMes), providing access to high-capacity services at competitive prices. Their offerings include high-speed servers and a notable 99.9% uptime guarantee, ensuring that their clients can reliably conduct their online business operations. Furthermore, the company has implemented robust disaster recovery protocols with their servers located across different data centers, allowing for effective operational continuity in the face of hardware or software failures.

The leak page indicates that the ransom demand has not been met, leading to the exposure of data. The data exfiltrated includes details from a database, which reportedly has a size of approximately 207 MB with contents spanning from the year 2013 to 2021. Although the specifics of the compromised data are not provided, the leak page notes a presence of download links, implying that further access to the exfiltrated information may be available. Additionally, there is a mention of an image that likely showcases aspects of the breach. All claims on the page reference actions by the Funksec ransomware group, indicating the seriousness of this breach and the implications for the affected company.