Ransomware Group: DRAGONFORCE

VICTIM NAME: Grupo Serex

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DRAGONFORCE Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

On October 8, 2025, a ransomware leak page attributed to the DragonForce group identifies Grupo Serex as a victim. The page presents Grupo Serex as a Venezuelan conglomerate with a diversified portfolio spanning bulk handling and logistics, poultry and feed production, and cacao product processing. The business units described include Segramar — Bulk Handling at Ports (bulk cargo handling and berthing support for bulk carriers), Transmarine — Shipping Agency (full ship agency services for bulk carriers), Transcargo — Heavy Transport & Logistics (national bulk transport and heavy/oversized cargo movements), Proalex (Productora de Alimentos Serex) — Poultry & Feed (poultry processing and animal-feed manufacturing), and Alto Prado — Cacao Products (production and sale of cacao products). The post frames Grupo Serex as an integrated solutions provider for bulk loading/unloading and raw-material transport, with parallel poultry and cacao operations. The page mirrors a data-leak style post that exposes corporate descriptions and internal materials, and it notes a claim URL within the page indicating the attackers’ intent to release additional data.

The post is dated October 8, 2025, and the excerpt does not reveal a separate compromise date; thus, the publication date is treated as the post date. The leak page includes 24 image attachments described in the annotations, which appear to be internal documents or materials accompanying the disclosure. A claim URL is referenced, signaling that the attackers claim to have exfiltrated data and may release more material, though the excerpt does not specify any ransom amount or encryption status. The content emphasizes Grupo Serex’s cross-divisional operations—from port-handling and logistics to poultry and cacao processing—highlighting the potential breadth of impact should internal materials be exposed. No personal identifying information is present in the excerpt, and the focus remains on the corporate profile of Grupo Serex.

In summary, the leak page centers on Grupo Serex as an integrated Venezuelan conglomerate with multiple operational lines, including Segramar, Transmarine, Transcargo, Proalex, and Alto Prado. The inclusion of a sizable set of internal-image attachments and a claim URL suggests a traditional data-leak approach, where attackers disclose corporate materials to pressure disclosure or ransom without detailing specific figures in the excerpt. The post date confirms the publication timing of October 8, 2025, and the material presented remains high-level corporate information rather than personal data.