[QILIN] – Ransomware Victim: ANCO

AI Generated Summary of the Ransomware Leak Page

ANCO is the victim named in the leak post. The page presents a substantial image gallery consisting of 42 image thumbnails, described in the annotations as screenshots of internal documents and related material. The images appear to be hosted on a defanged onion-domain host, and the actual URLs are not displayed in this summary. The leak page does not specify ANCO’s industry in the accessible content. A line within the body excerpt references ANCO with a “TOX” label followed by a long hexadecimal string, which reads as a token or hash rather than narrative content. The page also indicates that a claim URL is present, though the exact link is not shown here due to defanging.

According to the provided data, the post is dated November 3, 2025 (the key_date). No explicit compromise date is listed, so the post date serves as the temporal marker. The available excerpt does not reveal a ransom amount or explicit demand. The leak includes 42 image thumbnails that appear to be internal documents or related data, with no downloads or external links described in the excerpt beyond the defanged claim URL. The victim remains ANCO in the narrative, with other company names not reproduced here. Cross-referencing with the Ransomware[.]live metadata confirms this entry as a data-leak post, noting the presence of a defanged claim URL but not exposing any actual links in this summary.