The killsec threat actor has claimed to have compromised DUC App, a leading financial technology platform in Canada, and threatens to release sensitive client data including home addresses, transaction histories, and cryptocurrency keys if the company refuses to cooperate. This attack could significantly impact the privacy and security of users across Canada.
Incident Details
- Victim: DUC App: Global Money Movement, Simβ¦
- Country: CA
- Actor: killsec
- Source:
- Discovered: 2025-10-23 16:18:37.514925
- Published: 2025-10-23 16:18:36.315695
Information
- DUC App is a leading financial technology platform that facilitates global payments and currency exchange.
- It offers instant transfers, international mobile top-ups, cryptocurrency transactions, and API integrations for e-commerce.
- The platform provides a secure, user-friendly experience across web, iOS, and Android devices.
- The data involved includes clientsβ home addresses, phone numbers, transaction histories, email addresses, crypto address keys, verified documents, passports, IDs, and more.
- If the company refuses to cooperate, all information will be released.
Disclaimer: This post is based on public claims made by the ransomware group "killsec". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.