Ransomware Group: QILIN

VICTIM NAME: greatcdltraining[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to a company operating within the transportation and logistics sector, specifically involved in providing driver training and trucking job placement services. The victim’s website, identified by the domain greatcdltraining.com, is based in the United States. The attack date is recorded as June 27, 2025, with the breach being discovered later the same day. The leaked information appears to include details related to the company’s operations, although specific sensitive data was not explicitly disclosed. Additionally, there are indications that the attackers may have captured some internal information, but there are no explicit mentions of PII or confidential records released publicly at this stage.

The leak page includes a link to a secure Tor site, which likely contains the compromised data. No screenshots or images are currently provided, but the presence of a dedicated leak page suggests that further data may be available or forthcoming. The company specializes in affordable driver training, with a focus on helping new drivers access trucking careers, emphasizing a long-standing operation in the industry spanning over 30 years.

This incident underscores the ongoing threat of ransomware attacks targeting service providers in the transportation sector. While specific files or detailed information concerning the breach are not publicly disclosed in the available summary, the leak site indicates the attackers’ intent to showcase their access and possibly demand ransom payments. The attack activity, associated with the group codenamed “qilin,” reflects a calculated effort to compromise organizations involved in essential logistical services within the US, with potential implications for operational security and data confidentiality.