Ransomware Group: QILIN

VICTIM NAME: Krusell

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to an attack on a company listed under the name “Krusell.” The attack was discovered on July 21, 2025, with the breach date also recorded as July 21, 2025. The incident involves the Qilin group, a known threat actor, who has claimed responsibility for the attack. The victim is associated with the technology industry and is based in Thailand. The leaked data appears to include information related to the company’s operations, though explicit sensitive content has not been publicly detailed in the leak summary. The page includes a screenshot depicting internal documents or data, indicating the severity of the breach and potential exposure of internal information. Additionally, there are references to the company’s website, adiantes.com, suggesting that the attacker might have targeted multiple entities or networks involved with the operational ecosystem. The leak seems to reveal the compromise of datasets and possibly confidential business information, but no personally identifiable information (PII) or customer data has been explicitly disclosed in the available overview. The leak page was accessed via a dark web URL, with a claim link provided for further details, and confirms ongoing activities from the threat group Qilin. Overall, this incident underscores the risk of targeted cyberattacks against industrial or commercial entities involved in manufacturing and technology sectors in the region. It also highlights the importance of robust cybersecurity measures to prevent data breaches and protect sensitive business information.

The leak includes a screenshot showcasing internal data, which may contain sensitive operational details or business documents. No explicit download links or data files are exposed publicly in the overview, but the presence of the leak indicates that data has been exfiltrated or accessed unlawfully. The company, involved in manufacturing or technology, may face significant operational risks depending on the scope of the leaked information. The attack reflects an on-going trend of cybercriminal groups targeting enterprises with organizational or industrial relevance, particularly in Southeast Asia. While no personal customer or employee data is publicly mentioned, the potential for further malicious use of the compromised information underscores the importance of vigilance and immediate cybersecurity response. The victim’s depiction suggests them as a key player in their industry, and the attack serves as a reminder of the importance of safeguarding digital assets. The leak’s exposure of company documentation and internal screenshots signals the need for organizations to implement strong security practices to mitigate similar threats in the future.