Cyble, a security firm based on Atlanta reported that a hacker gained unrestricted access by uploading a backdoor on Paytm Mall’s database.
The Hacker group called `John Wick’ was able to gain unrestricted access to Paytm Mall’s database. The cybercrime group demanded a ransom in exchange for the information.
According to the Cyble report, the hacker group demanded 10 Ethereum (a cryptocurrency that is equivalent to $4,000), from Paytm Mall as a ransom. Cyble said that the breach affects all accounts and related information at and claims that the hack happened due to an insider at Paytm Mall.
The `John Wick’ group has other aliases such as South Korea, HCKINDIA and have intruded several Indian companies and collected ransom from various organisations including fintech startups, Sumo Payroll, Stashfin OTT platform Zee5 and i2ifunding.
Cyble points out that this hacker group acts as a `grey-hat’ hacker and offers help to companies or victims to fix their bugs. However, the company denied the statement and said that the user data is secure.
“We would like to assure that all users, as well as company data, are completely safe and secure. We have noted and investigated the claims of a possible hack and data breach, and these are absolutely false. We invest heavily in our data security, as you would expect. We also have a Bug Bounty program, under which we reward responsible disclosure of any security risks. We extensively work with the security research community and safely resolve security anomalies,” the spokesperson said.