[QILIN] – Ransomware Victim: SFG Technology Sdn Bhd

Ransomware Group: QILIN

VICTIM NAME: SFG Technology Sdn Bhd

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.


AI Generated Summary of the Ransomware Leak Page

The leak page centers on SFG Technology Sdn Bhd, a Malaysia-based company described as operating in high voltage and medium voltage electrical power systems, solar renewable energy, and smart grid solutions. Its product lines include electrical network management systems, power factor capacitors, and testing/measurement equipment. The post, dated October 14, 2025, presents SFG Technology Sdn Bhd as a ransomware victim and frames the incident as a data leak resulting from data exfiltration. The page does not clearly indicate that the victim’s systems were encrypted, and no ransom figure is disclosed in the available material. In this context, the date provided is the publication date of the post, not a separately stated compromise date.

Regarding the scope of the leak, the page indicates three images are present, described as screenshots or internal documents. While the exact contents of these images are not detailed in the excerpt, their inclusion supports claims of exfiltrated material. The page also references internal-disclosure artifacts such as a Jabber contact (redacted) and an FTP-style data link with credentials that are also redacted. A group identifier on the page is listed as “qilin.” The combination of these elements—media assets, redacted contact details, and exfiltration cues—aligns with common data-leak presentation patterns seen in ransomware publications. There is no explicit ransom amount visible in the excerpt.

In terms of impact and exposure, the page presents SFG Technology Sdn Bhd as the victim of a data-leak operation rather than a clearly stated encryption event. The body text notes that the amount of downloaded data is unknown at the moment, and the available material does not provide a confirmed data size or a downloadable dataset. The page’s structure suggests exfiltration activity and potential public release of stolen data, but without a stated compromise date beyond the post date, the exact timeline of events remains unclear. The post date remains October 14, 2025, and the page attributes the activity to the group identified as qilin.

