• The hacker group John Wick is involved in several attacks on mostly Indian firms such as Zee5, SquareYards, Stashfin, Sumo Payroll, Square Capital, i2ifunding, e27 and many others.
• Interest in Indian companies due to the high degree of his success rate in receiving ransom payments.

Bengaluru: Hackers have breached into Paytm Mall, the e-commerce division of Paytm, a report by Atlanta based cyber-security firm Cyble said.

“Massive data breach,” is how the security firm is describing the attack, although Indian media is reporting that Paytm has denied the attacks ever took place.

According to Cyble, he hacker group, identified as ‘John Wick’ has demanded Paytm which is valued at around $3 billion, to pay a ransom of 10 ETH, equivalent to $4,000 and says it has information that confirms Paytm is interested to pay up.

The information about the hack was passed on by a former insider of John Wick who claimed that the entire database of Paytm Mall has been compromised as the hacker group gained access to their production database and potentially affects all accounts and related information at Paytm Mall.

Cyble also posted a screenshot of what the hacker has posted on a Russian forum.

“The actor has other aliases such as “South Korea”, “HCKINDIA”. One of the tactics used by this group is “to act” as a grey-hat hacker and offer help to companies or victims to fix their bugs,” said the report adding that the group has been involved in several attacks on mostly Indian firms such as Zee5, SquareYards, Stashfin, Sumo Payroll, Square Capital, i2ifunding, e27 and many others.

Cyble also notes that the hacker group has a keen interest in Indian companies mainly due to “the high degree of his success rate in receiving ransom payments.”

A recent report by another cyber security firm Sophos based on a survey it commissioned  has indicated India tops the table of ransomware victims with a full two-thirds (67%) of respondents hit by ransomware in the previous year and India had the highest level of infection, followed by Mexico, US, and Canada. Reports also indicate that Indian firms have incurred costs of close to $1 million to rectify the impact of each ransomware attack.

India also recently announced a policy to ramp up its cyber security in the wake of a perception of increased threat from both external state and non-state actors in recent months.