[QILIN] – Ransomware Victim: Rex-Hide
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating to the content should be directed at the attackers, not RedPacket Security. This blog is an editorial notice informing that a company has fallen victim to a ransomware attack. RedPacket Security is not affiliated with any ransomware threat actors or groups and will not host infringing content. The information on this page is automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
On November 7, 2025, a ransomware leak post attributed to the threat group Qilin publicly identified Rex-Hide as the victim. The entry frames the incident as a data-leak event, consistent with double-extortion campaigns that disclose stolen material online. The metadata lists a post date of 2025-11-07 and notes that a claim URL is present on the page, suggesting the attackers provide a link to additional information or a data-claim resource. Ten image attachments are listed on the page, described as screenshots or internal-document visuals; no direct data downloads are indicated in the available data. The industry field is not provided, and there is no explicit ransom amount disclosed in the record. Content is hosted via a Tor onion service, and direct URLs have been defanged in this summary.
The leak page includes ten visual assets, interpreted as screenshots or thumbnails of internal documents or materials related to the breach. While the images are present, the exact contents are not described in detail here. A short body excerpt reiterates the victim name and includes a hashed identifier, which is typical of leak postings that reference exfiltrated material. There is no industry data provided beyond the generic entry, and no ransom figure is shown in the available data. Taken together, the post signals a data-leak scenario rather than a simple encryption event, with attackers offering a claim URL and presenting visuals to substantiate the breach, all hosted on a Tor onion service whose URLs are defanged here.
