[DRAGONFORCE] – Ransomware Victim: Tomb Multimedia Productions
Ransomware Group: DRAGONFORCE
VICTIM NAME: Tomb Multimedia Productions
NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the DRAGONFORCE Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
Tomb Multimedia Productions is identified as the victim on the leak page. The company is described as an Australian technology firm. The post is dated August 21, 2025 (timestamp: 2025-08-21 18:50:47.127753). The dataset associates the entry with the threat actor group dragonforce and notes that a claim URL is present on the leak page, though the actual link is not provided in the data. The available metadata does not specify whether the incident involved encryption or a data leak, nor does it provide any ransom figures.
The leak page provides no visual material; there are no images or screenshots (images_count = 0) and no downloadable files or documented size metrics (downloads_present is false). The page’s body excerpt is empty, and there are no attached photos or files listed in the available data. The description field contains a generic sentence that does not clearly reflect the incident specifics. No PII is present in the data, and the victim name remains Tomb Multimedia Productions.
Post date and implications: The post date is August 21, 2025. With no independently verifiable compromise date beyond the post date and no disclosed ransom amount in the metadata, the exact scope of the incident remains unclear from this dataset. The presence of a claim URL indicates an attempt to direct readers to additional content or negotiations, but the lack of visible content limits verification and the ability to assess risk based on this leak page alone.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
