Ransomware Group: LYNX

VICTIM NAME: derichsukonertz[.]de

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the LYNX Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to the domain derichsukonertz.de, a German company specializing in manufacturing gears for various industrial applications. The company’s website describes its long-standing history, dating back to 1967, and details its capabilities in producing precise, ready-to-install gear parts based on technical drawings or samples. The site emphasizes their expertise in both partial and retrofit gear manufacturing. The leak was discovered on May 2, 2025, although the attack occurred earlier on the same day, around 05:12 UTC. The page includes a screenshot of the compromised website, illustrating the company’s professional profile and online presence. Notably, no personally identifiable information or sensitive internal data appears to have been leaked, but the presence of this leak indicates potential data exposure from the company’s website environment.

The leak is associated with the group “lynx,” which appears to have targeted the victim’s website. The attackers may have accessed public content, including descriptions of the company’s manufacturing activities and its privacy policy. There is no evidence of additional data, such as employee information or sensitive operational data, being publicly leaked at this time. The leak’s public URL and the included screenshot suggest that the focus was primarily on the company’s online presence rather than on confidential internal information. The incident underscores the importance of cybersecurity measures to protect industrial and manufacturing websites from ransomware attacks and data breaches.