[DIREWOLF] – Ransomware Victim: Avv Emilio Marco Casali
Ransomware Group: DIREWOLF
VICTIM NAME: Avv Emilio Marco Casali
NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DIREWOLF Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
On 14 August 2025 at 14:20:30, a leak page attributed to the Direwolf ransomware group references a victim described as a legal professional based in Italy. The victim’s name has been redacted to protect privacy, and the industry field is not disclosed in the metadata. The page includes a claim URL, a common feature of leak posts, but the scraped data provides no explicit compromise date beyond the post date. Accordingly, the post date is treated as the entry timestamp for this page.
According to the metadata, there are no screenshots or images on the page (images_count equals 0) and no downloadable content (downloads_present equals false). There is no stated ransom amount in the data (income_or_ransom is blank). The page identifies Italy as the victim’s country and does not disclose the victim’s industry. The presence of a claim URL without additional media suggests a minimal leak-post entry.
With no visible media, attachments, or explicit impact described in the data, this entry provides only high-level indicators: the group attribution (direwolf), the post date, and the victim’s redacted identity and location. The lack of a compromise date or ransom figure means no further conclusions about encryption status or data exfiltration can be drawn from the available metadata; monitoring for follow-up updates from the Direwolf group is recommended to determine whether additional leaks or ransom demands are disclosed.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
