Ransomware Group: CLOAK

VICTIM NAME: Bosshard-farben[.]ch

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the CLOAK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a Swiss company specializing in the sale of paints and related products, identified as Bosshard-farben.ch. The incident was discovered and publicly disclosed on April 18, 2025. The company’s activities include offering a wide range of interior and exterior paints, lacquers, glazes, plasters, and other painting supplies, serving both professional painters and DIY customers. The attack date is recorded as April 18, 2025, at 14:25. The leak page suggests that sensitive information from the company has been compromised and made accessible on the dark web. There are indications that data leaks include internal documents or files, although specific details or files are not publicly disclosed at this stage. The webpage includes no explicit screenshots or visuals, but the presence of the leak indicates potential exposure of proprietary information, which could impact the company’s operations and customer trust.

The leak site is part of a group or operation identified as “cloak,” which typically indicates a method of anonymizing or hiding the source of the attack. The target industry is manufacturing, with the company based in Switzerland. No personal identifiers or PII are exposed in the publicly available information. The breach underscores the ongoing risks faced by companies in the manufacturing sector, especially those involved in retail and wholesale of specialized products. While the specific files or data affected are not detailed, the leak highlights the importance of rigorous cybersecurity measures to prevent unauthorized access and data exfiltration. No additional images or screenshots are linked, but the presence of such leaks emphasizes the potential for sensitive company data to be disseminated on the dark web.