Paytm Mall, the e-commerce marketplace of Paytm has been attacked by a cybercrime group called ‘John Wick’ as reported by the Cybersecurity intelligence platform Cyble. However, Paytm claims that the company has not found any security lapses.
According to the report, hackers were able to gain unrestricted access to the entire database of Paytm Mall using a backdoor/Adminer which Cyble also claims that the hack was possible by a Paytm Mall insider. Interestingly, the cyber criminals demanded a ransom in the form of cryptocurrency 10 ETH (about 4,000 USD) to be precise.
Cyble reports that an alleged ex-cartel member who uses the alias Kelvin and is part of the hacking group “John Wick” informed the company about the hack, the hackers were able to gain access to the production database that potentially contained information on all Paytm Mall accounts and other related information.
The hacker has also posted about the hack on a Russian hacking forum.
Paytm has made a statement that all the user and company data was safe and secure, the company also runs a Bug Bounty Program, under which the company rewards to reponsible disclosure of any security risks.
This group of hackers has successfully attacked many tech companies in India previously that include Zee5, SquareYards, Stashfin, Sumo Payroll, Square Capital, i2ifunding, e27, and many others.