Ransomware Group: FUNKSEC

VICTIM NAME: seocommarrakech[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the FUNKSEC Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page related to Seocommarrakech.com, a business services company based in Marrakech, Morocco, details the breach discoverable on January 11, 2025. The company specializes in providing search engine optimization (SEO) services aimed at enhancing online visibility for businesses. They utilize a range of strategies and technologies to improve web design and content marketing. The page emphasizes their commitment to assisting clients in achieving their online marketing objectives. However, the leakage indicates that sensitive information related to this entity may have been compromised, prompting concerns data integrity.

In the context of the breach, it was noted that only one user account was affected. Details regarding the specific data compromised remain unspecified. The presence of the infostealer group ‘funksec’ indicates a sophisticated criminal involvement behind the breach. A screenshot of the dark web page is available, showcasing the compromised nature of the company’s data. Furthermore, the leak page does mention the potential availability of download links, which could lead to further exposure of sensitive data in a broader context beyond simply user accounts. Companies in the business services sector should take heed of this incident and evaluate their own cybersecurity measures to prevent similar attacks.