[NOVA] – Ransomware Victim: AV Services Barcelona
Ransomware Group: NOVA
VICTIM NAME: AV Services Barcelona
NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the NOVA Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
AV Services Barcelona is depicted as a Barcelona-based audiovisual services provider with more than 15 years in the industry. The company operates in the Barcelona and Madrid markets, offering audiovisual production, hybrid events, streaming, videoconferencing, and equipment rental such as sound systems, LED screens, and lighting. The leak post claims that AV Services Barcelona was compromised by a ransomware operation and that approximately 100 GB of data was exfiltrated. The stolen data is described as including resources, billing information, customer data, plans, commercial data, data pertaining to BCN and factory operations, archives, videos, pictures, and documents, among other items. It also notes a desktop readme with guidance to recover encrypted files and a request to contact the attackers.
Post date: September 25, 2025. The leak page includes 11 image attachments, which appear as document-style thumbnails. The page asserts that some files have been encrypted and that a readme exists with instructions to recover the encrypted data, along with contact information for negotiation. No ransom amount is disclosed on the page. The content aligns with common ransomware extortion patterns, wherein data is exfiltrated and encrypted and attackers use the threat of public exposure or decryption tools to pressure the victim.
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
