[QILIN] – Ransomware Victim: Izaki Group Investments

NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating to the content should be directed at the attackers, not RedPacket Security. This blog is an editorial notice informing that a company has fallen victim to a ransomware attack. RedPacket Security is not affiliated with any ransomware threat actors or groups and will not host infringing content. The information on this page is automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

Ransomware group: QILIN
Victim name: IZAKI GROUP INVESTMENTS

AI Generated Summary of the Ransomware Leak Page

On 2025-10-27 17:10:16.730606, Izaki Group Investments, a financial services firm based in Israel, is identified on a ransomware leak page attributed to the threat group Qilin. The page provides basic victim context—industry and country—but does not list a clearly stated compromise date in the metadata; consequently, the posted date is treated as the post date. The leak entry notes that a claim URL is present, aligning with extortion practices that threaten public data release or negotiation leverage. Three image attachments are hosted on a Tor onion service and appear to be screenshots or internal-document visuals; the exact contents are not described in the metadata. The body excerpt contains a TOX tag with a long hash value and references an FTP data-share endpoint whose login credentials and recipient address are redacted in the public data.

The available fields do not specify whether encryption was performed or the ransom amount; there is no explicit mention of a data loss or encryption outcome. Downloads are flagged as not present on the page. The presence of three onion-hosted images and a claim URL is consistent with ransomware leak behavior that seeks to threaten or monetize data exposure. The victim’s sector is financial services and the country of operation is Israel, with the post dated 2025-10-27. A redacted FTP data-share reference in the body excerpt suggests the attackers are asserting access to a data-sharing channel, though sensitive contact details have been removed from the public record.
