Ransomware Group: DRAGONFORCE

VICTIM NAME: Allgäu Stern Hotel

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DRAGONFORCE Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

Allgäu Stern Hotel, a large hospitality property located in Sonthofen, Bavaria, Germany, is described on the leak page as a versatile venue that serves both leisure guests and conference attendees. The page notes the property offers over 400 rooms and suites, a wellness area, multiple dining options, and a year‑round schedule of experiences. It emphasizes the hotel’s capacity for events, listing more than 20 modern meeting rooms and a dedicated event location called Sonnenkopfhütte. The leak entry, dated 2025-10-08 at 07:51:23 UTC, presents Allgäu Stern Hotel as a ransomware victim in a post attributed to the DragonForce group. The post includes a claim URL and an image gallery consisting of 24 attachments, likely screenshots or internal documents used to bolster the attackers’ claims. Contact details appear on the page but PII such as street address and phone number are redacted in this report to protect privacy; the victim name is preserved. No downloadable files are indicated on the page.

Regarding the incident itself, the dataset does not explicitly label the impact as either Encrypted or Data leak. The presence of a claim URL and the image gallery aligns with an extortion-focused ransomware post, but the provided data does not include a ransom amount or a detailed list of compromised data. The entry identifies the victim’s industry as Hospitality and Tourism and confirms the post date as the leak publication date; there is no separate compromise date listed. This indicates Allgäu Stern Hotel is the focal victim in a DragonForce leak entry dated 2025-10-08, with multiple image attachments and a claim URL, while the dataset does not disclose a specific encryption status or ransom figure in the accompanying fields.