☑️ Weekly Darkweb – October Week 2, 2025
🔍 Japanese Beverage Giant A Targeted by Qilin Ransomware Gang
• On October 7, major Japanese beverage maker A was listed on the Qilin ransomware gang’s leak site.
• The threat actor claimed to have stolen 9,300 files containing financial reports, growth forecasts, and personal information of employees. They also released 29 sample images, including documents marked as confidential.
• According to S2W’s CTI solution QUAXAR, 21 companies were affected by the Qilin ransomware gang between October 1 and 7, spanning North America, Europe, and Asia.
🔍 1 Billion Pieces of Data from Global Software Firm S Leaked by Scattered LAPSUS$ Hunters
• On October 3, it was detected that Scattered LAPSUS$ Hunters claimed to have stolen customer data from global software company S.
✓ Scattered LAPSUS$ Hunters: An alliance of three hacking groups - Scattered Spider, LAPSUS$, and ShinyHunters. The collective operates an independent Telegram channel.
• The threat actor claimed to have leaked 1 billion pieces of data from company S and created a dedicated leak site to threaten the company. The site listed company S’s customers, including global firms in aviation, automotive, cybersecurity, manufacturing, and services.
• The threat actor warned that the data would be removed only if company S made a payment. The deadline for negotiations was set for October 10.
✓ The threat actor was also found pressuring company S through their Telegram channel. On October 4, they posted a message offering USD 10 in BTC for emailing affected companies about data posted on the leak site. The incident underscores the need for caution, as corporate information can be compromised through third-party breaches.
🔍 12 TB of Kuwait Ministry of Public Works Data for Sale on Dark Web
• On October 6, a post offering 12 TB of data from Kuwait’s Ministry of Public Works was found on the Russian hacking forum Exploit. (Price: USD 40,000)
✓ Ministry of Public Works: A government agency responsible for the construction and maintenance of major infrastructure and public facilities.
• The seller, ‘Kazu,’ also operates a Telegram channel where evidence of data theft and sample files were uploaded. The Telegram link was included in the sale post.
• According to S2W’s user profiling tool, the seller has targeted government agencies in the Middle East, including Saudi Arabia and the UAE, since July, along with entities in Asia, Europe, and South America.
*The full report is available upon request and for XARVIS subscribers.