Ransomware Group: INCRANSOM

VICTIM NAME: EUROFILM ΜΑΝΤΖΑΡΗΣ Α[.]Ε

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

EUROFILM ΜΑΝΤΖΑΡΗΣ Α.Ε. is named as the victim on a leak page attributed to the group incransom. The post is dated August 20, 2025 (post date) and the victim is located in Greece (GR); the dataset does not specify the victim’s industry. The page appears to present a data-exfiltration event rather than a purely encryption-based incident, and it includes eight image attachments described as screenshots of internal documents. A claim URL is present on the page, and a revenue figure of 5M$ is listed in the labels, though no explicit ransom amount is provided in the extract. Public contact details from the victim published on the original page have been redacted in this summary. The body excerpt consists only of the victim’s name.

The page features eight screenshots or image attachments that appear to be internal documents. The presence of a claim URL suggests the attackers seek to provide additional context or negotiation instructions typical of ransomware extortion posts, while the revenue figure accompanies the post as part of the claimed value of the stolen data. No compromise date is given beyond the post date, so August 20, 2025 is treated as the post date. PII (emails, phone numbers, addresses) is redacted, while the victim name remains. The eight images are hosted on onion-based endpoints in the original page, but their URLs are not included in this summary.