[SAFEPAY] – Ransomware Victim: divgroup[.]eu
Ransomware Group: SAFEPAY
VICTIM NAME: divgroup[.]eu
NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SAFEPAY Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
The ransomware leak page concerns the organization operating under the domain “divgroup.eu,” located in Slovakia. The attack was publicly disclosed on July 16, 2025, at approximately 21:50 UTC. The group responsible for the attack is identified as “safepay.” The leak includes some technical details, such as the presence of the Azorult infostealer, which was used to compromise the victim’s data. The incident appears to involve data theft or exfiltration, with evidence of third-party access to employee and domain information. The page includes a visual screenshot of alleged internal data, providing a glimpse into the scope of the leak.
The attack infrastructure and details suggest that the threat actors managed to access sensitive organizational data, potentially affecting employee and third-party information. Download links or data leaks are indicated, but specific files or data details are not disclosed openly in the report. The leak page is hosted on an onion site, emphasizing the malicious intent to obscure the communication channel. Given the activity type in the technology sector, the incident underscores the ongoing cybersecurity risks faced by organizations in this industry. The summary reflects a general overview, avoiding sensitive or PII-related information, maintaining a professional and sanitized report suitable for publication.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
