Ransomware Group: FLOCKER

VICTIM NAME: A*****e[.]gov[.]ae

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the FLOCKER Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page pertains to a ransomware incident involving a government entity, specifically the agency identified as A*****e.gov.ae, which operates within the public sector. The attack was discovered on June 5, 2025, and the threat actors reported that they successfully breached the organization’s main servers, leading to the exfiltration of sensitive data. The group responsible for this attack is known as “flocker,” and the leak page includes a screenshot providing visual evidence of the compromised systems. The attackers have publicly claimed the breach and have included a link to a claim URL on the dark web, indicating the data leak and exfiltration activities.

The posted description indicates that the compromised data likely involves critical government operations and sensitive information. Although specific details and the nature of the exfiltrated data are not fully disclosed, the announcement suggests a significant security breach affecting government functions. The incident underscores the ongoing threat to public sector institutions from sophisticated cybercriminal groups aiming to disrupt services or leverage stolen data for malicious purposes. No personally identifiable information or sensitive identifiers are revealed in the public leak summary, maintaining appropriate confidentiality. The page also features a screenshot of internal documents or interface elements, pointing to the severity of the breach.