Ransomware Group: QILIN

VICTIM NAME: kanzlei-schramm[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

On October 4, 2025, a leak page associated with the ransomware group Qilin targeted kanzlei-schramm[.]com, a German legal and tax advisory firm. The post identifies the victim as kanzlei-schramm[.]com and describes a cybersecurity incident in which the attackers claim to have exfiltrated confidential information from the firm’s network. The post casts the event as a data-leak rather than a full encryption, and it provides a claim URL to publicly assert the breach. While the metadata does not list a compromise date, the stated post date serves as the published timestamp for this incident, and the leak is attributed to the Qilin group. The content positions kanzlei-schramm[.]com as a victim of a high-profile data exposure.

The leaked text characterizes the firm as operating in legal and tax advisory services, with mentions of focus areas such as tax law and business mediation. It suggests that the firm handles tasks like accounting, accounts receivable management, and tax return preparation, implying that sensitive commercial information could be at risk. The page accompanies the post with a gallery of 27 screenshots intended as evidence of the data exposure; the exact contents of these images are not described in the summary. There is no indication of a downloadable data package in the metadata, and no ransom amount is disclosed. Additionally, the post references contact channels and credentials that were present in the leak, though such Personal Data and credentials are redacted in this sanitized summary.

In summary, kanzlei-schramm[.]com is presented as a German law and tax advisory firm that appears to have experienced a data-leak event, with 27 internal-image documents offered as proof and a post date of 2025-10-04. The leak is attributed to the Qilin group, and while the post includes references to exfiltration and contact details, these elements have been redacted here to remove sensitive information. No ransom amount is provided in the available data, and no explicit compromise date beyond the post date is given. Defanged references to URLs and other network indicators are used in the leak’s materials, aligning with common leak-page practices.