Ransomware Group: DRAGONFORCE

VICTIM NAME: KraftKisarna

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DRAGONFORCE Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to a Swedish company specializing in electrical control systems, fire alarm installations, and infrastructure projects related to railways and train stations. The company provides comprehensive electrical installations in infrastructure, including lighting, power systems, and track-related environments, along with peripheral areas such as green spaces, walkways, and bridges. Despite being a relatively young organization, it boasts extensive experience and a solid client base that includes the Swedish Transport Administration, municipal authorities, and industrial entities. The leak was discovered on April 16, 2025, and was publicly claimed on April 14, 2025, by a hacking group known as DragonForce. The leak site includes a screenshot of the compromised data and indicates a breach of sensitive company information.

The threat actors have publicly claimed responsibility for the attack and have potentially leaked internal data. At present, there are no indications of specific stolen files, personal data, or confidential project details shared publicly. The leak appears to be part of a broader campaign by the group to exfiltrate and publish accessible information from targeted entities. The company’s operational focus on critical infrastructure underscores the importance of cybersecurity measures, although no specific vulnerabilities or attack vectors are disclosed in this leak. The breach’s impact remains unknown, but it highlights the ongoing risks faced by organizations involved in infrastructure and public service sectors. The included screenshot provides a visual confirmation of the breach, but no explicit sensitive data is visible within the provided image. No additional information about the scope or consequences of the breach has been publicly disclosed at this time.