Ransomware Group: LOCKBIT3

VICTIM NAME: abcapital[.]com[.]ph

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the LOCKBIT3 Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The ransomware leak page associated with the victim, identified as a player in the Financial Services sector based in the Philippines, highlights significant vulnerabilities and unauthorized data exposure. On February 10, 2025, there was a breach involving the public disclosure of source code and a database contained within a zip file identified as ‘itd_1002’. This data leak poses a potential risk to client data and operational integrity. Given the sensitive nature of the financial sector, the implications of such compromises can extend to financial fraud, loss of reputation, and legal repercussions for the involved company.

The group behind the attack is identified as ‘LockBit3’, a notorious ransomware group with a history of targeting various industries. The published notice, which contains a URL to the leak, indicates that internal documents may have been made publicly accessible, potentially exposing confidential information associated with the victim’s operations. The leak page also includes a screenshot depicting aspects of the compromised data but excludes any specific details to maintain confidentiality. Noteworthy is the absence of personally identifiable information, which is typically a critical concern in such incidents.