Ransomware Group: SAFEPAY

VICTIM NAME: kolpa[.]com[.]pe

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SAFEPAY Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to an online marketplace based in Peru, operating under the domain “kolpa.com.pe”. The site specializes in selling authentic, handcrafted products sourced from local Peruvian artisans, including food, clothing, decorative items, and accessories that reflect Peru’s rich cultural heritage. The attack date has been recorded as May 6, 2025, indicating when the breach was identified or publicly disclosed. The page includes a screenshot of the victim’s website, providing visual confirmation of the targeted platform, but no sensitive or personally identifiable information has been included in the leak description.

The leak appears to originate from a group identified as “safepay,” and there is evidence that data such as user information or internal details may have been compromised, though no specific details are provided. Additionally, the page references an infostealer component, which indicates the attack could have involved data extraction tools targeting potential user or system data, but no explicit data points are shared in the leak. Download links or leaked data capabilities are not explicitly detailed, but the presence of a screenshot suggests potential exposure of internal interface elements or documentation. The site’s description highlights its focus on promoting cultural products, and there is no indication of other industries or unrelated sectors.