Ransomware Group: SINOBI

VICTIM NAME: Advanced Security Systems

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the SINOBI Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

Post date: August 13, 2025. No explicit compromise date is provided in the data; the leak page’s post date serves as the published date. The victim named on the page is Advanced Security Systems, a technology-sector provider described as a long-standing designer, installer and service provider for burglar and fire alarms, video surveillance, access control and home automation. The narrative notes that the company transmits alarm signals to a local monitoring station in Eureka and brands it as the North Coast’s sole local central station, underscoring its history as a family-owned business since 1971. The post frames the incident as an encryption event rather than a straightforward data leak and references a claim URL for further details (the URL is not reproduced here). Five images accompany the post, appearing to be screenshots of internal documents; these images are hosted on onion services, with the actual URLs defanged in this summary.

The leak page includes an excerpt that uses the term “Encrypted” alongside numeric and date metadata, including a value of 25,100,000 and the date August 13, 2025, plus another figure (77). The exact meaning of these numbers is not explained in the available data. There is no clearly stated ransom amount in the excerpt. The page presents five image attachments and a claim URL, consistent with common ransomware leak-page patterns that accompany data-exfiltration and potential data release. PII and non-relevant identifiers have been redacted in this summary, and the image links are defanged to prevent direct access. Overall, the content reflects a ransomware leak post claiming encryption as the impact, targeting a security systems integrator in the technology sector.