Ransomware Group: INCRANSOM

VICTIM NAME: Wingpoh_SG

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page related to the victim identified as Wingpoh_SG, a distributor based in Singapore, provides details about a cybersecurity incident that was publicly disclosed on July 17, 2025. The attack occurred on the same day the incident was discovered, approximately one hour later. The victim operates in the industrial and hardware supply sector, offering a wide range of tools such as air impact wrenches and electric screwdrivers. The leak indicates that sensitive or internal data may have been compromised, with a screenshot of internal documents included in the published materials. There are indications that the attackers claim ownership of certain data, with the leak potentially exposing confidential information about the business.

The leak webpage features a link to a blog post hosted on a dark web address, where further disclosures are made. Although specific files or data types are not detailed here, the presence of a screenshot suggests that the leaked content may include internal documentation or business information. The attacker group responsible appears to be associated with “incransom,” a known ransomware entity. The incident’s timing and details highlight ongoing cybersecurity risks for organizations in the region and sector. No personal or PII data is exposed in the available information. The incident underscores the importance of robust security measures and monitoring for potential cyber threats affecting industrial supply companies.