Ransomware Group: WORLDLEAKS

VICTIM NAME: Exel Composites

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the WORLDLEAKS Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

On August 25, 2025 (post date: 2025-08-25 06:00:00.000000), the leak entry published by the threat actor group worldleaks lists Exel Composites as a ransomware victim. Exel Composites is a Finland-based, global manufacturing company that designs, manufactures and markets composite profiles and tubes. Founded in 1960, the company operates across markets such as construction, transportation, and sporting goods, with a worldwide presence. The post provides a high-level profile of the victim, but there is no explicit compromise date beyond the post date, and the entry does not specify whether data was encrypted or a data leak occurred, nor is a ransom amount disclosed. The page indicates a claim URL is present, but there are no downloadable files or images attached to the listing. In this dataset, Exel Composites is the focus, and other company names are not highlighted per the summarization requirement.

The content on the leak page primarily offers background information about Exel Composites, described as a Finnish global technology company that designs, manufactures and markets composite profiles and tubes. The description notes the firm’s founding in 1960 and its global footprint across sectors such as construction, transportation, and sporting goods, with composites valued for strength, lightness, durability, and conductivity. The entry contains no actual samples of internal documents or screenshots; the page records zero images or screenshots, and there are no attachments or visible links beyond a present claim URL. The presence of a claim URL suggests the attackers intend a follow-up, but the available data do not reveal the scope of the incident, the extent of data exfiltration, or any ransom demand. Given the lack of corroborating details, observers should await official disclosures from Exel Composites for confirmation.