Ransomware Group: BERT

VICTIM NAME: SIMCO Electronics (UPDATE 5/3/2025)

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BERT Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to SIMCO Electronics, a company specializing in calibration and software solutions within the technology sector. Established in 1962, the company has historically served clients such as NASA and various Silicon Valley firms. The breach was publicly disclosed on May 3, 2025, following an attack that occurred on April 30, 2025. The incident indicates targeted malicious activity aimed at disrupting operations and potentially exposing sensitive technical data. Although specific compromised data is not detailed, the leak may include confidential information related to the company’s technological solutions and client engagements. A screenshot of the leak shows visual evidence of compromised internal documents, emphasizing the sensitive nature of the breach.

The leak page is part of a broader ransomware campaign conducted by a group identified as “bert.” The vadim includes links to further details or claims of the attack, though specific download links or data exfiltration evidence are not explicitly provided in this report. The company’s presence in the United States and its role in serving high-profile clients highlight the potential impact of this breach on the technology industry. The leak’s visual content suggests that the threat actors might have accessed proprietary information, which could have significant business implications if exploited. The incident underscores the importance of cybersecurity measures for organizations handling sensitive technological data.