Ransomware Group: QILIN

VICTIM NAME: hXXp://www[.]balkankalip[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak involves Balkan Kalıp, a manufacturing company founded in Istanbul, Turkey in 1998. The company specializes in producing molds and automotive parts, contributing to the automotive industry’s supply chain. The breach was discovered on July 22, 2025, and the attack is believed to have occurred around July 17, 2025. The leak page indicates that sensitive internal data was compromised as part of the incident. The attackers, associated with the group known as ‘qilin’, have published the data on a dark web site, along with a screenshot showing internal documents. The leak includes references to data theft or potential data exfiltration, although specific details are not disclosed publicly. The victim’s business activities and industry suggest a significant commercial impact. The leak page provides a link to the published data, and emphasizes the severity of the attack, urging for further investigation and mitigation. A screenshot of the compromised system’s internal documents is shared, indicating potential exposure of proprietary information. The attack highlights cybersecurity vulnerabilities within manufacturing sectors and the ongoing threat posed by ransomware groups targeting industrial companies in Turkey.