Ransomware Group: DEVMAN

VICTIM NAME: hXXps://www[.]gmanetwork[.]com/news/

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DEVMAN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware incident involving a telecommunication organization was publicly disclosed on May 7, 2025. The attack resulted in a significant data breach, with an estimated financial impact of approximately 2.5 million USD. The affected entity is based in the Philippines, indicating regional implications within Southeast Asia. The leak page contains references to ransom notes and potentially exposes internal information, which may include sensitive operational details. A specific ransom demand or extortion message has been noted, although detailed content has not been publicly shared. The page includes visual evidence or screenshots that suggest internal documents or communications were compromised. No personally identifiable information or customer data was explicitly revealed in the leaked content.

The breach was attributed to the hacking group “devman,” which claims responsibility for the attack. Additional information was found on a specific ransom note hosted on a related webpage, indicating the attackers demanded payment in exchange for not releasing further data. The incident impacts the telecommunications sector, a critical industry with broad implications for regional infrastructure and public communication services. The leak may include confidential internal communications and technical details, although explicit contents have not been disclosed. The event underscores the increasing threat landscape for organizations in the telecommunications industry and highlights the importance of robust cybersecurity measures to prevent and mitigate such attacks.