Ransomware Group: WORLDLEAKS

VICTIM NAME: ASC Machine Tools

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the WORLDLEAKS Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak pertains to ASC Machine Tools, a manufacturing company based in the United States that specializes in producing high-quality equipment for the metal building and steel processing sectors. The breach was discovered on May 29, 2025, and the attack date is recorded as May 29, 2025. The company’s long-established history since 1949 underscores its significance in the industry, with a focus on designing and manufacturing equipment such as roll forming machines and panel lapping machines. The leak page includes an image that appears to be a screenshot related to the incident, indicating that sensitive information or internal data may have been accessed. The presence of download links or data leaks suggests that confidential information might be compromised, posing cybersecurity concerns for the organization. No explicit technical details or PII are disclosed, but the leak’s general nature indicates a serious breach affecting the company’s operations and integrity.

The leak page is hosted on a dark web platform, associated with the “worldleaks” group, and provides a claim URL for further verification. The URL and data access point to potential exposure of internal documents or business-sensitive information, though specific details are not publicly revealed. The screenshot displayed hints that attackers may have obtained documents or images relevant to the company’s operations. The company’s activity in manufacturing, combined with the leak’s timing and available evidence, emphasizes the importance of cybersecurity measures to prevent further data exfiltration or operational disruption. The incident highlights ongoing vulnerabilities facing industrial manufacturers in the current cyber threat landscape.