Ransomware Group: SARCOMA

VICTIM NAME: APH Svenska

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SARCOMA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a Swedish company operating within the Flowers, Gifts, and Specialty Stores industry. The victim, identified as APH Svenska AB, is based in Malmö, Sweden. The breach was discovered on June 4, 2025, and involves a substantial data leak amounting to approximately 174 GB. The compromised archive contains various files, indicating a significant data exfiltration. The leak suggests potential exposure of sensitive business information, although specific file details have not been disclosed publicly. The page includes limited visual content and no direct download links are visible in the provided data. Overall, the incident highlights a serious cybersecurity event impacting a mid-sized Swedish enterprise.–>

The attack’s specifics remain limited, but the large volume of leaked data underscores the severity of the breach. The company’s industry, located in Sweden, may face operational disruptions and reputational damage due to this incident. The leak involves an archive containing numerous files, possibly including internal documents or business data, which could be exploited if malicious actors access sensitive information. The ransomware group responsible appears linked to the “sarcoma” group, indicating the disruption was orchestrated by an organized cybercrime entity. As no download links or further details are provided, the primary concern centers on the potential impact on the targeted company’s operations and stakeholder confidence.