Ransomware Group: QILIN

VICTIM NAME: Metricon Homes

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Metricon Homes, a prominent residential construction company based in Australia. Founded in 1976, the company has established a long-standing reputation in the home-building industry with a presence across the country. The breach was discovered on July 24, 2025, and the attack date is recorded as July 21, 2025. The leak includes a screenshot of relevant internal information, possibly indicating sensitive data exposure. The threat actor group responsible is identified as “qilin,” and the incident involves an information-stealer tool, suggesting that valuable corporate data may have been compromised. The breach could impact various aspects of the company’s operations and customer trust. The leak’s claim URL and the broader context indicate that confidential information or documents might have been accessed or published publicly, although specific details are not included in this report.

The leak page provides a link to a detailed claim and evidence portal hosted on the dark web. This portal could potentially contain additional sensitive information, but it is not accessible through this summary. The page also includes a visual screenshot, which shows internal documents or alerts related to the incident. As the incident involves a construction enterprise, the exposure of proprietary project data or client information could pose significant risks. The breach demonstrates the importance of cybersecurity measures for large organizations handling critical infrastructure and high-value data. Overall, the leak signifies a serious security incident that may have implications for the company’s operations, stakeholder trust, and future cybersecurity protocols.