Ransomware Group: INCRANSOM

VICTIM NAME: cnnindonesia[.]com

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the INCRANSOM Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page associated with “cnnindonesia.com” discloses that sensitive information related to their operations has been compromised. This incident was discovered on January 28, 2025. The site reportedly serves news on national, political, economic, international events, and provides updates on various sectors including technology and entertainment. While the specifics of the content exposed have not been provided in detail, it is noted that the breach has implications for their coverage and potentially impacts their audience, which includes 566 users and several third-party affiliations.

As of the latest update on January 28, 2025, the leak page suggests that the organization has faced significant challenges due to the breach, which may affect their reputation and operational integrity. The page contains a screenshot which presumably showcases elements of the exposed data or internal documents, though exact details were not disclosed. Furthermore, it indicates the presence of multiple third-party entities affected by this compromise, highlighting the breadth of the impact on the ecosystem surrounding the site. Overall, cnnindonesia.com is revealed to be in a critical situation as it navigates the ramifications of this ransomware incident.