[DEVMAN] – Ransomware Victim: dovesit[.]co[.]za
Ransomware Group: DEVMAN
VICTIM NAME: dovesit[.]co[.]za
NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DEVMAN Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
The ransomware attack targeted a technology company operating in South Africa, specifically the domain dovesit.co.za. The incident was discovered on May 1, 2025, and involved the encryption of the company’s file server along with all backup data, totaling approximately 120GB of files. The threat actors, identified as part of the group “devman,” claimed to have stolen sensitive information as part of their extortion tactics. The attempted ransom was approximately 550,000 USD. The leak page indicates that the company’s data, including internal files, was compromised and potentially exfiltrated, posing significant risks to its operations and confidentiality.
The attackers utilized an infostealer to harvest data from the victim’s network, although there are no publicly available details about employees, third-party accesses, or user accounts. Visual content such as screenshots is not provided, but the documentation suggests that internal files and backups were encrypted and stolen. The incident appears to be part of a broader campaign targeting organizations within the technology sector in South Africa. No further press statements or additional leak details are available at this time. This breach highlights the importance of robust cybersecurity measures and offline backups to mitigate such devastating attacks.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
