Ransomware Group: AKIRA

VICTIM NAME: D’Granel

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the AKIRA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page for D’Granel, a transportation and logistics company based in Brazil, provides details about a cyberattack that occurred on April 16, 2025. The incident involves the unauthorized exfiltration of over 40 GB of essential corporate data, including financial reports, confidential documents, nondisclosure agreements, and contact information of employees and clients. The page indicates that the attackers, associated with the group “akira,” have threatened to release the sensitive data, which could potentially impact the company’s operations and reputation. The attacker claims readiness to publish the stolen data, emphasizing the severity of the breach and the threat to corporate confidentiality.

The reveal includes a warning about the nature of the leaked information, which encompasses financial audits, payment details, and corporate communications. These types of data are highly sensitive and could lead to financial fraud, identity theft, or other malicious activities if publicly disclosed. The page contains a screenshot placeholder, suggesting that visual evidence of the attack or data theft might be available, although no specific images are included in the provided information. The incident highlights the growing threat faced by companies in the transportation sector from cybercriminal groups aiming to extract and threaten to release sensitive corporate data.