Ransomware Group: BLACKLOCK

VICTIM NAME: Quick Frames USA

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BLACKLOCK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a manufacturing company based in Arizona, United States, specializing in producing steel components for the commercial construction sector. The organization, identified as Quick Frames USA, employs fewer than 25 staff members and generates annual revenues below five million dollars. The attack date is recorded as May 28, 2025, with the victim’s data exposure discovered shortly thereafter. The exposed information is associated with a prominent grouping known as ‘blacklock,’ indicating a targeted attack, likely involving infostealer malware such as Raccoon. The incident involved the theft of data, including contact and employee information, although specific PII has been redacted in the report. The attack resulted in the leak of internal data, which can be accessed via a provided URL.

The page includes a screenshot indicating compromised internal systems or leaked data. Download links are available for malicious actors or interested parties to access the stolen data, emphasizing the severity of the breach. The attack appears to involve a data exfiltration employing malicious tools, further compromising the company’s information security. Despite the threat, no explicit details of the stolen data are disclosed publicly to protect sensitive information, but the leak underscores the importance of robust cybersecurity measures for manufacturing firms operating in the U.S. This incident highlights the ongoing risks faced by small to medium-sized enterprises in engaging with cybercriminal groups and the critical need for proactive defense strategies.