A ransomware claim alleges that the threat actor coinbasecartel compromised KEB (Korea Exchange Bank) and affected operations in Germany, demanding ransom for data decryption. The claim describes encrypted systems, potential data exfiltration, and a coercive extortion note, with KEB identified as the targeted financial institution. #Germany
Incident Details
- Victim: KEB
- Sector: Not Found
- Country: DE
- Actor: coinbasecartel
- Source: http://fjg4zi4opkxkvdz7mvwp7h6goe4tcby3hhkrz43pht4j3vakhy75znyd.onion/companies/keb
- Discovered: 2026-04-08 18:56:20.424786
- Published: 2026-04-08 18:56:02.268458
Information
- KEB (Korea Exchange Bank) is a South Korean financial institution.
- Offers a wide range of banking and financial services, including retail banking, corporate banking, foreign exchange, and trade finance.
- Headquartered in Seoul, South Korea.
- Historically one of the countryโs leading banks, specializing in international transactions.
- Merged with Hana Bank in 2015 to form KEB Hana Bank, operating under Hana Financial Group.
Disclaimer: This post is based on public claims made by the ransomware group "coinbasecartel". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.