Ransomware Group: WARLOCK

VICTIM NAME: infoniqa[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the WARLOCK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page concerns infoniqa[.]com, identified as the victim, and is associated with the Austria-based technology sector. The published post attributes the intrusion to the threat actor group Warlock and frames the incident as a data-leak event rather than solely an encryption outcome. The attackers claim to have exfiltrated around 165 GB of data, spanning internal documents, financial records, employee information, CRM databases, HR databases, and SaaS databases. The post date provided on the page is August 18, 2025 at 17:46:15, which is used as the post date since no explicit compromise date is stated. This presentation aligns with the common data-extortion narrative seen in contemporary ransomware operations, where stolen material is threatened for public release.

Metadata accompanying the leak indicates there are no visible screenshots or images on the page (zero images). A claim URL is noted as present, but the excerpt provided does not reveal any image content or linked materials. No ransom amount is disclosed in the captured content. The description emphasizes the scope and categories of data compromised rather than encryption status, reinforcing the perception of a data-leak scenario targeting a technology-sector organization. In keeping with privacy norms, any personal information within the exposed data would be redacted, while the victim name infoniqa[.]com is retained for identification.