Ransomware Group: BLACKLOCK

VICTIM NAME: Solar City Tyre Service

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BLACKLOCK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Solar City Tyre Service, a business established in 1994 and operating within the consumer services sector in Australia. The company primarily services commercial clients, local farmers, and earthmoving companies. The attack was detected on June 3, 2025, and the breach was discovered the following day. The leak appears to include data related to the company’s operations, though specific sensitive details have been redacted for privacy and security reasons. The page contains a screenshot of internal information, suggesting that confidential business data or potentially compromised documents may have been exposed. A link to the illicit data download is provided via an onion site, indicating steps taken by threat actors to leak or sell the stolen information publicly. No personally identifiable information (PII) or employee data has been disclosed in the available content.

Additional context indicates that the attack was carried out by a group called “blacklock,” which is known for targeting various sectors with ransomware. The presence of a screenshot and a download link points to the possibility of the leak containing proprietary or operational data relevant to the victim’s business activities. The incident underscores the growing cybersecurity risks facing local businesses involved in services for agriculture and construction, highlighting the importance of strong security measures. The metadata shows the attack date as June 3, 2025, and the breach was publicly discovered on June 4, 2025. The breach emphasizes the persistent threat posed by ransomware groups seeking financial gain through data exfiltration and leak campaigns.