Ransomware Group: DATACARRY

VICTIM NAME: Étude Bordet

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DATACARRY Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to an entity identified as “Étude Bordet,” a real estate firm based in Belgium that specializes in property auctions. The site provides information about their services, which include property valuations, asset management, and legal guidance related to property transactions. The company’s operations support both buyers and sellers throughout the auction process, highlighting their expertise in real estate transactions. The leak was discovered on May 26, 2025, and the attack date is noted as May 26, 2025, at 17:40. The leak indicates the compromise of sensitive data and shows evidence of unauthorized access to the victim’s internal systems. The page includes references to data exfiltration activities, possibly including internal documents or screenshots, although no explicit sensitive details are publicly provided. This incident emphasizes the importance of cybersecurity measures for organizations handling valuable and confidential property information. The leak message mentions that the attacker has updated the website and activity logs, suggesting ongoing or recent malicious activities. Notably, the leak contains references to various malicious data-stealer tools used by cybercriminals, revealing potential threat actors involved in the attack. It is essential to monitor the situation for further developments or potential data leaks related to this incident.

No personally identifiable information or sensitive company details are disclosed beyond the general description of the incident and the victim’s activity. The page indicates the presence of data stolen, with references to threat actor tools and potential data exfiltration, but does not provide specific URLs or data files publicly available for download. The incident underscores the vulnerability of entities involved in real estate services to cyber threats and highlights the importance of cybersecurity vigilance to prevent similar attacks in the future.