[RHYSIDA] – Ransomware Victim: Gemini Group
NOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by RedPacket Security. Any legal issues relating to the content should be directed at the attackers, not RedPacket Security. This blog is an editorial notice informing that a company has fallen victim to a ransomware attack. RedPacket Security is not affiliated with any ransomware threat actors or groups and will not host infringing content. The information on this page is automated and redacted whilst being scraped directly from the RHYSIDA Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
On October 28, 2025, Gemini Group is identified on the leak page as a ransomware victim. The industry of the company is not specified, and there is no explicit indication whether the attack encrypted systems or exfiltrated data; the post does not describe the impact. No compromise date is provided, so the posted timestamp should be treated as the post date. The description field contains only the victim name and offers no further detail about the incident or the data involved.
There are no screenshots or media on the leak page (images_count = 0; downloads_present = false) and no links or attachments (link_count = 0; claim_url_present = false). The post does not provide a ransom amount or any other financial demand (income_or_ransom is empty). Overall, the Gemini Group leak entry is minimal, with no visible media or data-type specifics disclosed.
Support Our Work
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.
