Ransomware Group: LYNX

VICTIM NAME: yahtec

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the LYNX Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a French manufacturer specializing in gas heating solutions, known as YAHTEC. The attack was publicly disclosed on June 3, 2025, with the data breach occurring on the same day. Despite the attack, detailed information about the specific compromised data or the extent of the breach has not been explicitly disclosed to the public. The victim operates in the industrial and commercial sectors, providing heating and ventilation equipment for a variety of large-scale buildings and applications. The company is based near Paris, France, and serves markets across Europe and internationally.

The leak page includes a screenshot depicting internal documents or related visuals, which suggests that sensitive data or proprietary information may have been accessed during the attack. There are links indicating the presence of leaked data or downloadable information, although specific contents or data types are not detailed publicly. The website associated with the victim is active and publicly accessible, but no explicit confirmation of the scope or type of data compromised has been provided. The attacker’s group involved appears to operate under the moniker “lynx,” and the incident was discovered shortly after the attack was launched.