Ransomware Group: QILIN

VICTIM NAME: Specialty Components

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to the company identified as Specialty Components, which specializes in designing and manufacturing precision air bearings used in semiconductor manufacturing, machinery, and metal optics. The breach was publicly disclosed on July 16, 2025, and the incident was discovered later that same day at approximately 10:48 AM. The leak does not specify the nature of the data compromised, but it indicates that sensitive information may have been accessed or exfiltrated. A screenshot of the victim’s website or internal documents is included, suggesting that visual evidence of the internal structure or data may be available. The attackers are affiliated with a group known as “qilin,” and additional details such as the attacker’s infostealer or press statements are not provided. Download links or data leaks are implied, but no specific files or URLs are disclosed publicly.

The company’s activity is categorized as manufacturing of specialized components, without additional geographic information. The leak page serves as a warning or proof of compromise, emphasizing the importance of cybersecurity for industrial companies dealing with sensitive or proprietary manufacturing processes. The presence of an onion site link indicates that the attackers operate on the dark web, maintaining anonymity while possibly offering data for sale or further exploitation. The incident highlights ongoing threats to manufacturers in technical sectors, where targeted attacks can lead to significant operational risks. The included screenshot visually supports the credibility of the leak, though specific data or documents are not detailed in the publicly displayed information.