Ransomware Group: BERT

VICTIM NAME: ALL RING TECH CO[.], LTD[.]

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BERT Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to All Ring Tech Co., Ltd., a Taiwanese company specializing in the production of advanced automation equipment for industries such as semiconductors, LEDs, passive components, and solar technology. The attack date is recorded as May 16, 2025, with the leak discovered shortly afterward on the same day. The leak page publicly displays a screenshot of internal data, indicating that sensitive information from the company has been compromised. The page also provides a link to the attacker’s claim post on an onion service, revealing that data extraction was successful. This incident highlights potential cybersecurity vulnerabilities within technology manufacturing firms and underscores the importance of robust data protection measures. No specific data types or contents are disclosed in detail, but the presence of a screenshot suggests that internal documents or technical data may have been leaked. The leak appears to be part of a targeted operation against the company’s digital security. The leak page is hosted on a dark web URL, emphasizing its clandestine nature.

The leak includes visual evidence such as screenshots of internal data, which may contain confidential technical documents or operational details pertinent to the company’s manufacturing processes. It is noted that the leak occurred in the context of a cyberattack on a technology-oriented enterprise, which could have implications for the company’s intellectual property and business operations. The incident’s timeline indicates that the attack was detected and publicly exposed within hours, reflecting the rapid dissemination typical of such breaches. While no personally identifiable information or specific data contents are provided in the leak summary, the event underscores the critical need for cybersecurity vigilance in the high-tech manufacturing sector, especially given the industry’s role in sensitive industrial supply chains. The leak was publicly claimed through an online message, possibly aiming to threaten or embarrass the organization. The information available suggests a significant security breach that could have broader ramifications if exploited further or if sensitive technical data was leaked.