Ransomware Group: FUNKSEC

VICTIM NAME: bayan-ulgii[.]cfga[.]gov[.]mn

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the FUNKSEC Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page associated with the domain \”bayan-ulgii.cfga.gov.mn\” has been identified, suggesting it is affiliated with a government agency in Mongolia. The focus of this agency seems to be on administrative, agricultural, or cultural affairs in the Bayan-Ölgii province, which is noted for its rich Kazakh culture. The leak was discovered on January 5, 2025, though specific details regarding any data compromise are not provided in the available information. This context indicates that the entity’s work may include supporting local development and community initiatives within the province.

The post indicates involvement from a ransomware group identified as \”funksec\”. However, details regarding the number of employees, third-party entities, or users affected by this incident remain unspecified, as no such data was disclosed. Despite the lack of specific details regarding data leaks, the involvement of a ransomware group highlights potential risks to governmental operations and local governance, emphasizing the importance of cybersecurity measures in the public sector. The page did not include images or additional downloadable links for sensitive data, indicating a focus on maintaining operational security as much as possible.