Ransomware Group: PLAY

VICTIM NAME: View Zuellig Industrial

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the PLAY Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page pertains to a ransomware attack targeting Zuellig Industrial, a manufacturing company based in Thailand. The attack was discovered on June 27, 2025, and the threat actors have claimed responsibility through a dark web portal. The incident impacts the company’s operations within the manufacturing sector, specifically in the Southeast Asian region. The page features a screenshot of the compromised environment, indicating potential data theft or system infiltration. No explicit details regarding the extent of data exfiltration are provided, but the presence of a dedicated claim URL suggests ongoing malicious activity. The attackers may have accessed internal systems, although specific files or information are not disclosed publicly.

The ransomware leak page also includes the victim’s company domain and a visual screenshot intended to showcase the breach. Information about the attack date and discovery timestamp confirms the recent nature of the incident, occurring in late June 2025. The page does not specify the types of data compromised but indicates that the threat group, identified as “play,” is responsible. Authorities or affected parties are advised to monitor the situation closely, as the leak site may host additional details or prompts for data recovery or negotiations. Overall, this incident highlights the increasing vulnerability of manufacturing firms to sophisticated cyber threats in regional markets.