[QILIN] – Ransomware Victim: Super Value

AI Generated Summary of the Ransomware Leak Page

On October 29, 2025, a leak post identified the victim as Super Value and attributed the intrusion to the threat group qilin. The industry field is not disclosed in this dataset, and the post date is 2025-10-29 15:21:54.498512, which is treated as the publish date since no separate compromise date is provided. The page reads as a data-exfiltration disclosure and includes a claim URL, suggesting the attackers intend to reveal the stolen material or pressure payment. The post features 20 image assets that appear to be screenshots of internal documents or data extracts; these images are hosted on onion-network addresses, defanged in this write-up, and there are no other downloadable files referenced. The body excerpt indicates a typical blog-like leak page structure, including embedded web form code, rather than a straightforward corporate portal.

The presence of 20 images alongside a claim URL aligns with ransomware double-extortion patterns, where attackers threaten public release of stolen data in addition to encryption. The dataset does not specify an explicit ransom amount, and no separate compromise date is provided beyond the post date. Given the focus on the victim name Super Value, defenders should monitor for any updates or posted materials on this leak page and assess potential exposure of sensitive information. The onion-hosted nature of the image assets suggests the attackers are leveraging Tor for leak hosting and communications. While the industry for the victim remains undisclosed in the data, the combination of visual evidence and a ransom-claim link indicates a data-leak posture typical of modern ransomware campaigns.