Ransomware Group: FUNKSEC

VICTIM NAME: mofaga[.]gov[.]np

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the FUNKSEC Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page concerning the website “mofaga.gov.np,” affiliated with the Ministry of Federal Affairs and General Administration of Nepal, reveals significant information about the agency’s internal structure and potential vulnerabilities. This governmental entity plays a crucial role in managing federal affairs, local governance, and various administrative functions aimed at improving governance throughout Nepal’s diverse regions. The page highlights the importance of maintaining secure protocols in public sector organizations given their responsibilities in managing public resources and local development, which could affect a large number of citizens and stakeholders.

In addition to the administrative scope of the Ministry, the leak includes data about internal operations and user metrics, detailing the number of users and third-party interactions linked to the ministry’s online presence. Specific figures mention a total of 462 users and interactions with multiple third-party domains, which underscores the potential reach of compromised information. The evident emphasis on oversight and data integrity reflects the necessity for public institutions to prioritize cybersecurity measures to protect sensitive governmental data amid rising cyber threats.

It is notable that the post was published and discovered on December 30, 2024, indicating a contemporaneous issue regarding this address. There is currently no available information on direct visual content such as screenshots or detailed links to compromised data, suggesting that the intent may be more towards exposure and potential negotiation rather than outright data dumping. This incident illustrates ongoing challenges within the public sector in Nepal and emphasizes the critical need for enhanced security frameworks to safeguard administrative functions from ransomware attacks.