Ransomware victim disclosure
← All victimsFAAB Invest Advisors Private Limited
listed as FAAB Invest Advisors Private Limite... · Claimed by Killsecurity · listed 9 months ago
Status timeline
- ListedOct 23, 2025
- Data leakeddate unknown
At a glance
- Group
- Killsecurity
- Status
- Data leaked
- Country
- India
- Sector
- Financial Services
- Listed on leak site
- Oct 23, 2025
- Data size
- 600 GB
About the victim
AI dossier — public-source company profileFAAB Invest Advisors Private Limited is an India-based fintech/investment platform offering fractional ownership in curated real assets including farmlands, residential real estate, and precious metals (digital gold and silver). Operating under the brand names FarmFraX, AlphaOne, and Lotus Collective, the company targets retail investors seeking environmentally-focused, asset-backed investment opportunities. The platform emphasises sustainable and ESG-aligned investments with institutional-grade due diligence.
- Industry
- Fractional Ownership & Green Investment Platform
Attack summary
Severity: high — The disclosure status is data_published, confirming exfiltration and release of data from a financial services company that handles retail investor KYC and financial records, which likely includes regulated PII and financial data at meaningful scale.Killsecurity claims to have attacked FAAB Invest Advisors Private Limited and has moved to the data_published stage, indicating exfiltration and publication of company data. No specific data categories or ransom demand were stated in the post.
Data the group says was taken
AI dossier — extracted from the leak post- Investor records
- Financial data
- KYC/identity documents
- Business operations data
What the group claims
FAAB Invest Advisors Private Limited operates a green investment platform offering fractional ownership in sustainable assets such as electric mobility, farmlands, and renewable energy projects. The company focuses on providing retail investors access to environmentally-friendly, asset-backed investment opportunities with potential for returns and portfolio diversification.
The leak post
captured from the group's siteFounded in 1997, iCare Software, based in the United States, delivers innovative management solutions for childcare and afterschool programs. Serving childcare centers, preschools, afterschool programs, and multi-site operations, iCare automates critical tasks like attendance tracking, staff scheduling, tuition collection, and compliance reporting. Its unique offerings include AI-driven analytics, business intelligence dashboards, and CRM tools to boost enrollment and staff retention. With seamless data migration and robust back-end technology, iCare empowers providers to focus on quality care while streamlining operations and driving growth. Cadorim simplifies money transfers to Mauritania, offering a secure, user-friendly platform for individuals and businesses. With a focus on speed, affordability, and accessibility, Cadorim enables seamless transactions in just three clicks, available around the clock. The company ensures maximum security for every transfer, provides competitive exchange rates with no fees, and processes transactions instantly. Headquartered in Brussels, Belgium, with operations in Nouakchott, Mauritania, Cadorim serves customers seeking reliable, cost-effectiv…
Sources
- Victim sitefaab.in
Source
Indexed 9 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

