HackerFeeds
All ransomware incidents
bayan-ulgii.cfga.gov.mn

Ransomware group funksec hits bayan-ulgii.cfga.gov.mn

MEDIUM
·Public Sector·MN·2025-01-05

bayan-ulgii.cfga.gov.mn — a public sector target operating in MN has been listed by the funksec ransomware group on 2025-01-05. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.

Incident Report

Target Organizationbayan-ulgii.cfga.gov.mn
Threat Group
funksec
Summary[AI generated] "Bayan-Ulgii" appears to refer to Bayan-Ölgii, a province in western Mongolia known for its Kazakh culture and traditions. The ".cfga.gov.mn" domain suggests an affiliation with a Mongolian government agency, possibly related to agriculture or regional governance. This entity likely focuses on administrative, agricultural, or cultural affairs within Bayan-Ölgii, supporting local development and community initiatives.
Date of Breach2025-01-05
Discovery Date2025-01-05
RegionMN
Target Domainbayan-ulgii.cfga.gov.mn
Business SectorPublic Sector
Severity
MEDIUM

Claim by funksec

[AI generated] "Bayan-Ulgii" appears to refer to Bayan-Ölgii, a province in western Mongolia known for its Kazakh culture and traditions. The ".cfga.gov.mn" domain suggests an affiliation with a Mongolian government agency, possibly related to agriculture or regional governance. This entity likely focuses on administrative, agricultural, or cultural affairs within Bayan-Ölgii, supporting local development and community initiatives.

Posted by the funksec threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.

Sources

Victim website

bayan-ulgii.cfga.gov.mn

Leak post (onion / Tor)

tor

http://7ixfdvqb4eaju5lzj4gg76kwlrxg4ugqpuog5oqkkmgfyn33h527oyyd.onion/Deface10.html

Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.

Disclaimer

HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.