Ransomware Group: LYNX

VICTIM NAME: Morrow Equipment

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the LYNX Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a cybersecurity incident involving Morrow Equipment, a manufacturing company based in the United States. The attack date is recorded as July 23, 2025, indicating when the compromise occurred. The breach was officially discovered a few days later, on July 26, 2025. The leak page includes a screenshot of some internal data or proof of the attack, providing visual confirmation of the incident. Although specific details about the nature of the data compromised are not disclosed, the presence of a leak link suggests that certain information has been made accessible on the dark web.

The incident has been claimed by the hacking group known as “lynx.” The page also provides a link to the leak on a darknet platform, which includes potentially sensitive data or details related to the attack. It is important to note that no personally identifiable information or sensitive corporate data is directly exposed in the summary. The attack appears to be part of a broader pattern of ransomware activities targeting manufacturing firms, with threats of data disclosure and proof of breach made publicly available. No mention is made of additional malicious activities or the specific types of data targeted during this event.