[QILIN] – Ransomware Victim: ITinSell group
Ransomware Group: QILIN
VICTIM NAME: ITinSell group
NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
The ransomware leak pertains to the ITinSell group, a company operating within the technology sector based in France. The data breach was discovered on May 15, 2025, and the attack date is recorded as May 15, 2025. The leak includes detailed information about the group’s activities, focusing on their involvement in data collection, structuring, and security. The compromised data suggests the presence of considerable internal information, including operational details about their SaaS platform designed to enhance performance and user experience. The leak also features a screenshot displaying internal documents, which provides visual confirmation of the breach.
The leak source indicates access to sensitive information related to various malware tools, such as Lumma and RedLine, used possibly for infostealing purposes. Details are provided about employees, third-party domains, and user information, although no personally identifiable information or specific client details are disclosed. The leak site provides a claim URL and confirms that the victim is the ITinSell group, a company involved in technology and data management activities. No additional press or public statements are available, but the leak appears to include substantial technical content and internal operational data, indicating a significant security breach.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
