Ransomware Group: DEVMAN

VICTIM NAME: pestbusters[.]com[.]sg

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DEVMAN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

On September 29, 2025, pestbusters[.]com[.]sg, a Singapore-based company operating in the Consumer Services sector, appears on a ransomware leak page as a victim. The post frames the incident as a data-leak event rather than merely encryption and quotes a stated ransom of 100,000 USD. The leak page includes 22 screenshots or images intended to illustrate the claimed data exposure, and a claim URL is indicated for contacting the attackers. The provided data lists the post date as the sole dated reference; there is no separately identified compromise date beyond the published post date.

Beyond the stated ransom, the page contains an extended sequence of extortion notes that reference various volumes of data said to have been exfiltrated or stolen—ranging from hundreds of gigabytes to multiple terabytes. The messages are accompanied by countdown timers and imply potential public release or sale of the stolen material, consistent with double-extortion ransomware tactics. The page also directs contact through a forum-based channel (noting a representative name for negotiation) and includes negotiation prerequisites and data-volume proofs as part of the extortion framework. No direct data download is indicated on the page, but the overall content aligns with a ransomware leak post rather than a simple encryption notice. The post date remains September 29, 2025, and no separate compromise date is provided. The content is presented in English and centers on pestbusters[.]com[.]sg as the victim, with imagery used to illustrate the claim.