Ransomware Group: DRAGONFORCE

VICTIM NAME: Diversified Project Services International

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DRAGONFORCE Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page concerns Diversified Project Services International, a company based in the United States operating in the business services sector, specifically in engineering, geomatics, planning, and construction management. The leak was discovered on August 6, 2025, and the attack date is reported as August 6, 2025. The page includes a screenshot of the affected company’s online interface, indicating that the breach potentially involved access to internal systems. This leak suggests that sensitive internal information was compromised by cybercriminals operating under the group named “dragonforce.” The incident underscores the ongoing cybersecurity risks faced by organizations in the professional services industry on a global scale.

The leak page mentions that a data breach or compromise has taken place, likely involving the theft of files or other digital assets. Although specific details of the leaked data are not provided here, the presence of download links or evidence of data exfiltration is implied by the leak’s nature. The company has a small team, with only a few employees, and the breach appears to have targeted possibly internal or client-related information. The incident features a visual screenshot illustrating internal documents or digital environments, emphasizing the breach’s severity. The threat actor uses this leak to demonstrate their access, possibly aiming to pressure the company or sell the stolen data on dark web channels.