Ransomware Group: LYNX

VICTIM NAME: motorsport-de-la-capitale

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the LYNX Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page associated with the victim “Moto Sport de la Capitale” provides details about a cyber incident that occurred on June 24, 2025. The affected entity is a dealership specializing in motorized sports vehicles such as motorcycles, ATVs, snowmobiles, and recreational vehicles. The firm is located in Rouyn-Noranda, Abitibi-Témiscamingue, and offers various services including sales, maintenance, and financing. The leak page includes a screenshot depicting internal information, indicating that sensitive data may have been compromised during the attack. Additional details about the group responsible are not specified, but the incident was discovered almost an hour after the attack date. No specific information about the type of data stolen or leaked is publicly available, but the presence of a leak URL suggests that data may have been exposed online.

The leak page features a detailed visual overview of the breach, including screenshots that possibly contain internal documents or proprietary information. The operational details such as the attack date and discovery time are documented, highlighting the timeline of the incident. The company’s website is included, but no direct links to stolen data are provided within the summary. The attack appears to be part of the activities of a group identified as “lynx,” which is known within the ransomware scene. There is no indication of specific data types or the extent of the data breach, but the presence of a public claim URL confirms that the incident has been acknowledged and that the affected organization is actively engaging with the leak process.