Ransomware Group: BLACKBYTE

VICTIM NAME: Allstarmg

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BLACKBYTE Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware incident involving the victim entity identified as “Allstar Marketing Group” was discovered on July 16, 2025, with an attack date also documented on the same day. The group’s domain, allstarmg.com, is associated with the BlackByte ransomware group. This organization, founded in 1999, specializes in performance marketing, working with brands on the cusp of becoming well-known consumer products. The leak content provides limited technical details but notes that an infostealer known as RedLine was identified, with data related to one user or employee possibly compromised. The information leak emphasizes the presence of malicious activity and indicates the threat actors targeted a company in the marketing sector, though specific industry or location details are unavailable. The leak appears to contain screenshots or other data, but no explicit references are included. The breach underscores the persistent threat posed by advanced ransomware groups targeting diverse industries worldwide.

No additional sensitive or personally identifiable information has been publicly disclosed. The report confirms that the incident involved the BlackByte ransomware group, known for targeted attacks and data leaks. Although specific victim details are scarce, the leak highlights the importance of cybersecurity vigilance for companies operating in digital marketing and related fields, especially given the ongoing threat landscape. The incident’s technical footprint is minimal, focusing primarily on the presence of an infostealer and the leak’s existence. As such, organizations are advised to review their security measures against similar threats and stay informed about emerging ransomware activities affecting their sector.