Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Hackers claim to have exfiltrated data – including scans of valid passports – from Australian company Wendy Wu Tours.
The KillSec ransomware is claiming to have successfully hacked Sydney-based tour agency Wendy Wu Tours.
KillSec listed the agency on its darknet leak site on 4 March and is threatening to publish the data allegedly stolen during the hack within seven days.
Currently, no ransom amount is listed on the leak site; however, some payment instructions are provided.
“Company can pay for data deletion, and non-company related individuals may contact us to reach an agreement for data purchase,” KillSec said in its leak post.
“If you are an authorised representative to negotiate on behalf of this company, submit your application via the session messenger.”
While the amount of data exfiltrated isn’t listed, the gang has shared several documents as evidence of a successful hack. The evidence pack includes nine scans of valid passports belonging to residents of Australia, the United Kingdom, and Germany, alongside a passenger pre-travel form that lists name, residential and email address, emergency contact details, and frequent flyer number.
Cyber Daily has contacted Wendy Wu Tours for comment but has yet to receive a reply.
KillSec was first observed in October 2023, and the gang rebranded as a ransomware-as-service operation in June 2024. According to the description on its leak site, KillSec is a “prominent hacktivist group operating in the cyber realm, operating since 2023”.
“With a focus on both disruption and digital activism, KillSec embodies the complexities of modern cyber warfare, blending elements of activism with the darker facets of hacking culture,” it said.
KillSec has been particularly active in the ANZ region since November 2024, when it listed NSW home builder Vogue Homes. Since then, it has claimed three other Australian victims and one in New Zealand. The gang’s most recent Australian victim was a private education institution, the Albright Institute of Language and Business, which it listed in February. KillSec has claimed 170 victims in total and currently ranks as the 31st most active ransomware group globally.
Wendy Wu Tours offers tourist packages throughout the far east, central and south-east Asia, India, Africa, the Middle East, and Latin America. The agency offers a visa service and loyalty program, and it partners with several airlines.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
