Ransomware Group: D4RK4RMY

VICTIM NAME: BIG SILVER

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the D4RK4RMY Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page associated with the victim “BIG SILVER” indicates a confirmed attack date of July 8, 2025. The victim is identified as a company established in 1993, operating in Bangkok, Thailand. The company’s description highlights its long-standing history and international recognition, particularly in manufacturing with advanced Italian machinery and modern technology. Despite the detailed background of the company, there is no specific information about compromised data or the nature of the leak. The page includes no visible screenshots or images of internal documents, and no download links are apparent. This suggests that the breach’s impact and the data exposed remain unspecified.

The activity level related to this incident is categorized under a group identified as “d4rk4rmy,” which could indicate the threat actor involved. The attack date suggests the incident is recent, but no further details on the scope or severity are provided. As of now, there is no additional information regarding the specific data compromised or the type of breach. The absence of sensitive details and PII from the publicly available leak page suggests that either the breach is in early stages of disclosure or that the leaked data has not been made fully accessible to the public. Overall, the page serves as an initial alert rather than a detailed leak announcement.