Ransomware Group: DATACARRY

VICTIM NAME: FrontierCo

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DATACARRY Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The victim, a company operating within the consumer services sector based in South Africa, was compromised on May 26, 2025. The attackers associated with the group ‘datacarry’ have leaked data from their systems. The breach has involved the use of multiple data theft tools, notably Lumma and Raccoon infostealers, which are known for extracting sensitive information from infected systems. The attackers have also targeted third-party domains, suggesting a widespread effort to access connected networks or related entities. Although no detailed description of the stolen data is provided, the presence of a leak indicates significant security concerns for the company’s systems and its customers.

Recent updates to the leak page include modifications to the activity logs and the company’s website, highlighting ongoing efforts by the threat actors. The leak page contains references to multiple users and third-party domains, implying potential exposure of client or internal data. While no explicit screenshots or images are associated with this leak, the detailed activity suggests the attackers’ continued monitoring or further data releases. The leak can be accessed via the provided URL, which directs to a broader database of ransomware victims. This incident underscores the importance of cybersecurity vigilance for organizations in the consumer services industry, especially those operating in South Africa, to prevent similar breaches and mitigate risks associated with such intrusions.