Ransomware Group: DEVMAN

VICTIM NAME: piriou[.]vn

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DEVMAN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware incident involving the victim domain “piriou.vn” was identified on May 19, 2025. The attack resulted in the encryption of all files and a complete system lockout, reflecting a severe disruption to the victim’s operations. The reported ransom amount is approximately 383,000 USD, which suggests the attackers demanded a significant payment for data decryption. The targeted entity appears to be based in Vietnam, although specific details about the activity sector are not provided. The leak page does not contain screenshots, press releases, or direct links but indicates that all affected data has been encrypted, Confirming the severity of the cybersecurity breach.

The leak page does not specify any compromised personal or corporate data, but it emphasizes that the attacker group “devman” was responsible for this incident. There is no evidence of additional files, images, or sensitive information shared publicly. The primary focus is on the encryption of files and the lockout of the system, with the attacker threatening to withhold data unless the ransom is paid. This incident highlights the importance of robust cybersecurity measures to prevent and mitigate such attacks, especially in regions with potentially vulnerable infrastructures. Efforts to analyze the incident further should consider the details surrounding the encrypted data and any potential negotiations for data recovery.