Ransomware Group: BABUK

VICTIM NAME: www[.]rekamy[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the BABUK Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page indicates a breach involving a company operating in the Software as a Service (SaaS) industry, inferred from the content relating to a specific entity referred to as “Rekamy.” The page mentions that a significant amount of confidential data has been stolen, including customer information, documents, and payment records pertaining to various companies hosted on the victim’s network. The malicious actors claim to have infiltrated Rekamy’s systems and gained access to sensitive data, which they threaten to leak unless the demanded ransom is paid. The post noted that the victim’s website has received 437 views, reflecting a growing interest in the leaked content.

The leak page also details the dire consequences of non-compliance, threatening the release of all files and databases that include personally identifiable information (PII) such as names and addresses should the victim fail to respond within a given timeframe. Although the page references additional details about specific organizations that might be affected, no download links are present to access stolen data directly. The absence of graphic imagery or explicit details suggests a focus on intimidation through the threat of data exposure rather than showcasing the data itself. Overall, the implications of this breach underscore significant risks associated with SaaS providers and the importance of stringent cybersecurity measures.