Ransomware Group: PAYOUTSKING

VICTIM NAME: G****d

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the PAYOUTSKING Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to a victim identified only by a partially obscured domain, associated with a group known as “payoutsking.” The incident was publicly discovered on July 9, 2025, and involves the exfiltration of approximately 150 gigabytes of data. The attack was carried out in the United States, although specific details regarding the victim’s activity or industry are not provided. The leak appears to include sensitive information stolen from the victim’s systems, which may be put up for sale or exposure as part of the ransom notification.

The page indicates that no further details are available about the victim’s employees or any third parties involved. Despite the absence of explicit content descriptions or visual evidence, the mention of a screenshot placeholder suggests some form of visual record exists, possibly of compromised data or internal interfaces. The focus of the leak is primarily around data exfiltration, with no evidence of additional malicious activity detailed. Security researchers may analyze this data for further indicators of compromise, but publicly, the leak underscores the ongoing threat posed by cybercriminal groups targeting organizations across the United States.