Ransomware Group: CHAOS

VICTIM NAME: Veethree

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the CHAOS Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page pertains to the network of companies collectively known as Veethree, a global technology enterprise serving hundreds of OEM customers across multiple continents, including North America, Europe, Asia, and Oceania. The breach was discovered on June 5, 2025, and its attack date is recorded as June 5, 2025. The compromised data involves approximately 3 GB of information, which has been targeted and exfiltrated by threat actors associated with the Chaos group. The hacking operation appears to have involved infostealer malware, notably Lumma, which is used to gather sensitive data. The page includes a screenshot of internal documents or system interfaces, emphasizing the extent of the data extracted. No PII or sensitive individual details are included in this summary, focusing instead on the scope and nature of the attack.

According to the leak page, the attack is linked to a sophisticated cybercriminal operation targeting the organization’s digital infrastructure. The threat actors have claimed responsibility and provided a claim URL on an onion site for further communication. Their activities suggest an intent to disrupt the company’s operations or to extract valuable corporate intelligence. The affected organization, Veethree, specializes in innovative technology solutions with a presence across multiple countries, including the United States, the United Kingdom, India, and New Zealand. The breach highlights the importance of cybersecurity measures for multinational technology firms, especially those dealing with critical OEM data, which could potentially impact their global operations. While the leak details do not include specific data types or compromised systems, the large data volume indicates significant potential exposure.