Ransomware Group: CRYPTO24

VICTIM NAME: Tien Tuan Pharmaceutical Machinery Co[.] Ltd

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the CRYPTO24 Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to Tien Tuan Pharmaceutical Machinery Co. Ltd, a Vietnam-based provider specializing in integrated software solutions for the pharmaceutical industry. The attack, which was discovered on June 5, 2025, involves a significant data breach estimated at approximately 800GB, indicating extensive exfiltration of sensitive corporate information. The company’s offerings include digital systems for pharmaceutical lifecycle management, manufacturing execution, and plant intelligence, serving major global clients within the biotech and pharmaceutical sectors. The leak page confirms that data related to their operations has been compromised, with files possibly available for download, although specific links are not detailed publicly. The incident highlights potential risks to their operational security and client confidentiality. Due to the nature of the leak, all sensitive identifiers and PII have been redacted, focusing instead on the scope and impact of the breach. Screenshots or images, if any, might display internal documents or system screenshots, emphasizing the severity of the data leak.

The event underscores the importance of cyber resilience for healthcare-related companies, especially those involved in manufacturing and digital solutions. While the attack date is known, specific technical details about the breach or the threat actors involved have not been disclosed publicly. The incident serves as a reminder of the continuous threats faced by the pharma industry, particularly when handling critical operational data. Public reports suggest that the compromised data could include proprietary solutions, client information, and operational details, which could potentially be weaponized or misused if accessed by malicious entities. The leak page does not specify additional information such as individual PII or detailed data content but indicates a serious security incident with a large amount of corporate data at risk.