Ransomware Group: NOVA

VICTIM NAME: Kronospan

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the NOVA Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

On October 7, 2025, Kronospan, an Austrian manufacturing company specializing in wood-based panels and related products, is identified as the victim in a ransomware leak post. Kronospan’s product range includes melamine-faced panels, worktops, wall panels, window sills, lacquered HDF, compact boards, high‑pressure laminates (HPL), plywood, and other decorative materials. The leak page is attributed to the ransomware group nova and references a claim URL, indicating the attackers intend to publicize details or negotiate terms; the actual URL is not shown in this summary. The dataset’s impact field is empty, so there is no explicit statement within this record about whether the breach involved encryption or a data leak. The post date is taken from the metadata as October 7, 2025.

The leak page contains no images or screenshots and reports no downloadable content in the provided data. A claim URL is indicated by the metadata, but the actual link is not displayed here. The content centers on Kronospan’s business and capabilities rather than providing explicit information about the attack method or a ransom amount; no ransom figure is recorded in the available fields. No personal data or contact information is present, and the summary retains Kronospan as the focal entity. The publication date is anchored to October 7, 2025, which represents the post date rather than any separate compromise date.