[BLACKNEVAS] – Ransomware Victim: LATCOM
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating to the content should be directed at the attackers, not RedPacket Security. This blog is an editorial notice informing that a company has fallen victim to a ransomware attack. RedPacket Security is not affiliated with any ransomware threat actors or groups and will not host infringing content. The information on this page is automated and redacted whilst being scraped directly from the BLACKNEVAS Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
LATCOM, an Out Of Home (OOH) advertising company with a global reach, is presented as the victim in a ransomware-related leak post attributed to the group BlackNevas. The post asserts that LATCOM’s stolen data comprises 145,146 files totaling approximately 1 TB and provides a file listing via a hosted index (defanged as hxxp://gofile[.]io/d/xNrNCu). The attackers state they will supply any file from this list for confirmation, a common extortion tactic in data-leak campaigns to demonstrate the scope of exfiltrated content. The leak page frames the incident as a data leak rather than a purely encrypted disruption and carries a post date of 2025-10-19 18:01:13; no compromise date is disclosed on the leak page.
The leak page reproduces LATCOM’s marketing language describing its Out Of Home services—global reach, media strategy, planning and implementation of campaigns, and a data-driven approach to delivery and reporting. This material appears to be part of the exfiltrated content and is presented without additional context about its internal status. The page also announces an auction of two companies on November 1 and provides contact information for inquiries (an email address is redacted in this report). In addition, the page references external domains and an onion-hosted publication link (defanged here). The public view contains no screenshots or images, according to the available data.
Key metadata indicates LATCOM’s exposure involves a large-scale data leak with an estimated 145,146 files totaling around 1 TB. The post does not publish a ransom amount, and no compromise date is stated, making the post date the primary temporal reference. The presence of a GoFile listing link and an onion URL (both defanged) suggests additional data may be accessible to interested parties. Organizations connected to LATCOM should monitor for potential exposure of client lists, internal documents, and campaign materials, and remain alert for follow-on disclosures indicated by the threat actor.
Support Our Work
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.
