☑️ Weekly Darkweb – June Week 4, 2025
🔍 Taiwanese Manufacturer Hit by QILIN Ransomware; Confidential Data Leaked After Refusing to Negotiate
• On June 23, Taiwanese CNC machine tool manufacturer ‘Q’ was identified as a target of the QILIN ransomware gang.
• QILIN uploaded screenshots of the compromised data to its leak site on the Dark Web.
✓ List of Compromised Data: Employee personal information, 3D design files, R&D documents, contracts, etc.
• After breaching the company’s internal network, the ransomware gang made multiple attempts to contact C-level executives at manufacturer ‘Q’ but received no response. With negotiations apparently refused, QILIN raised the pressure by leaking the stolen data publicly.
• This breach goes beyond a simple customer data leak, involving serious exposure of the company’s entire confidential information across technology, production, management, and R&D. Misuse of the leaked data could lead to product counterfeiting and technology theft.
🔍 Iran’s Nuclear Power Company Sensitive Data Leaked on Dark Web
• On June 23, sensitive data from the Nuclear Power Production and Development Company of Iran (NPPD) was identified as being leaked on ‘DarkForums.’
✓ NPPD: A subsidiary of the Atomic Energy Organization, responsible for planning and implementing nuclear energy policies.
• The seller, ‘ToRmen,’ claimed to possess 25GB of data, including employee personal information and documents related to Iran’s nuclear program. According to the post, the data spans from 2019 to 2022, and was not obtained firsthand by the seller.
• A total of three sample datasets were uploaded, some of which include department names, job titles, and employee IDs.
🔍 LulzSec Black Hacks Indian Nuclear Reactor Operator, Leaks Sensitive Data
• On June 24, the threat actor group ‘LulzSec Black’ claimed to have breached an Indian nuclear reactor and chemical facility operator, exfiltrating data from over 80 databases.
• The group has released sample data for free on its Telegram channel and also uploaded a promotional post regarding the breach on the Dark Web hacking forum ‘DarkForums.’
✓ List of Compromised Data: Location details of reactor labs, security guard shift schedules, sensitive infrastructure data
• The group is currently selling 17 out of the 80 stolen databases.
*The full report is available upon request and for XARVIS subscribers.