Ransomware Group: QILIN

VICTIM NAME: WIBAIE

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page details a cyberattack targeting WIBAIE, a well-established joinery company based in Cholet, France, with over 50 years of experience in the building and housing industry. The attack was discovered on July 22, 2025, and reportedly occurred on July 10, 2025. The incident resulted in the complete shutdown of the company’s manufacturing plant, causing significant operational disruption and affecting approximately 600 employees. The attack appears to have involved malware designed to compromise the company’s digital infrastructure, although specific details about the data exfiltration are not provided. The page includes visual evidence such as screenshots of internal documents or systems, emphasizing the severity of the breach. Consequently, the affected business is actively working with cybersecurity experts to recover from the incident and restore normal operations.

The leak page confirms the presence of downloadable data or leak material, although no direct URLs or specific files are publicly disclosed for security reasons. A link to the claim site is available via an onion site, indicating the use of dark web channels for leak distribution. Media coverage highlights the incident’s impact on the company’s production capabilities and recent media attention, including reports from regional news sources. The attack’s attribution remains unspecified, but the breach underscores the rising threat of ransomware to industrial and manufacturing sectors, especially in smaller enterprises or those with limited cybersecurity defenses. The visual content provided offers a glimpse into the internal environment of the target, reinforcing the need for awareness and proactive security measures in such industries.