Ransomware Group: QILIN

VICTIM NAME: Megachem Singapore

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to Megachem Singapore, a company operating within the manufacturing sector, specifically in chemical solutions. The attack was publicly disclosed on April 28, 2025, and the breach was identified a few days later on May 2, 2025. The leak page includes a screenshot of the compromised data, illustrating screenshots of internal documents or interfaces, which are typically used by attackers to demonstrate the extent of access gained during the breach. Although no specific PII or sensitive business information is publicly detailed, the leak signifies a significant cybersecurity incident affecting the company’s operations.

The leak indicates that the perpetrators may have stolen internal data or documents, possibly related to company operations and client information, although explicit details have not been disclosed. The attack is associated with a group called “qilin,” and there are no indications of additional malicious activities or information-stealing tools beyond the initial breach. The victim operates in Singapore and focuses on chemical manufacturing, aiming to meet customer needs through innovation. The publicly available screenshot hints at possible exposure of proprietary information or internal communications, emphasizing the importance of robust cybersecurity measures for manufacturing companies. No publicly available download links or additional data leaks are confirmed at this stage.