Ransomware Group: WALOCKER

VICTIM NAME: SHUKAKU-INC

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the WALOCKER Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page pertains to Shukaku Inc., a private real estate development company based in Phnom Penh, Cambodia. The attack date is recorded as June 10, 2025. This company is known for its controversial urban development projects, including significant land acquisitions within the capital city. The leak exposes sensitive business information, potentially including internal documents and data related to ongoing or past projects. The hackers claim to have compromised the company’s systems, and they have provided a link to a dark web claimant page for further details. The leak may include screenshots of internal files, reflecting the company’s activities and legal disputes concerning land deals.

The incident has been attributed to the hacker group “walocker,” which appears to focus on data exfiltration from corporate targets in the financial and real estate sectors. The leak does not specify the exact nature of the stolen data, but the presence of a screenshot suggests that internal content has been posted publicly. The victim, Shukaku Inc., operates mainly within the real estate development industry in Cambodia, impacting urban expansion initiatives. The leak emphasizes the potential risks related to data security breaches for companies involved in sensitive land transactions and urban development policies. No personal or employee data is explicitly mentioned, and the attack appears to be aimed at publicly exposing corporate activities.