Ransomware Group: DEVMAN

VICTIM NAME: TBD GREECE

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DEVMAN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware attack targeting an entity in Greece resulted in the encryption of all files, with approximately 120GB of data stolen. The attack was publicly disclosed on May 19, 2025, and the group responsible is identified as “devman.” The leak page indicates that the attackers claimed to have encrypted all files and stolen a sizable amount of data, although specific details about the victim are not provided. No detailed description of the compromised data or the attack vector is available at this time. The page does not include any screenshots or images, but it notes the encryption of files and data theft as key outcomes of the incident.

Potential download links or leaked data are referenced, but no direct URLs or files are displayed publicly. The victim’s activity sector remains unspecified, and the country affected is Greece. The attack appears to be part of a wider campaign by the group “devman,” targeting organizations with significant data volume. Although further technical details are not provided, the leak page highlights the seriousness of the compromise, emphasizing the encryption of all files and theft of sensitive information. This incident underscores the importance of robust cybersecurity measures to prevent large-scale data breaches involving ransomware groups.