{ "id": "b48e642a-fca2-4c23-aceb-5503ff2befc7", "created_at": "2026-04-17T02:20:55.014199Z", "updated_at": "2026-04-18T02:21:04.237106Z", "deleted_at": null, "sha1_hash": "e5f7c3ba81392a1935374b911de8b0f6842ad65b", "title": "[KRYBIT] - Ransomware Victim: fraper[.]com - RedPacket Security", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 1428676, "plain_text": "[KRYBIT] - Ransomware Victim: fraper[.]com - RedPacket\r\nSecurity\r\nBy April 7, 2026\r\nPublished: 2026-04-07 · Archived: 2026-04-17 02:02:24 UTC\r\nhttps://www.redpacketsecurity.com/krybit-ransomware-victim-fraper-com/\r\nPage 1 of 3\n\nNOTE: No files or stolen information are exfiltrated, downloaded, taken, hosted, seen, reposted, or disclosed by\r\nRedPacket Security. Any legal issues relating to the content should be directed at the attackers, not RedPacket\r\nSecurity. This blog is an editorial notice informing that a company has fallen victim to a ransomware attack.\r\nRedPacket Security is not affiliated with any ransomware threat actors or groups and will not host infringing\r\ncontent. The information on this page is automated and redacted whilst being scraped directly from the KRYBIT\r\nOnion Dark Web Tor Blog page.\r\nRansomware group:\r\nKRYBIT\r\nVictim name:\r\nFRAPER[.]COM\r\nAI Generated Summary of the Ransomware Leak Page\r\nhttps://www.redpacketsecurity.com/krybit-ransomware-victim-fraper-com/\r\nPage 2 of 3\n\nThe leak post concerns the Spanish company fraper.com, identified as a victim in the incident tied to the threat\r\nactor group krybit. The page portrays Comercial Fraper S.L. as a privately held Spanish business specializing in\r\nbuilding materials, tools, and household supplies. The available metadata indicates the post date is 2026-04-07,\r\nwhich serves as the publish date for this entry. The post is framed as a data exposure event associated with\r\nransomware activities, though the available information does not specify the nature of the compromise beyond the\r\nclaim of breaching the organization and potentially exfiltrating data.\r\nThe post does not list a ransom amount, and there are no visible screenshots or images accompanying the entry—\r\nthere are zero images reported on the page. The presentation focuses on the victim’s identity and a general claim\r\nof a data-leak scenario commonly seen in ransomware operations. Based on the information provided, fraper.com\r\nis characterized as a European-based building materials supplier impacted by the incident, with no additional\r\ndetails on the scope of data affected or the extent of encryption or exfiltration disclosed in the post. The page\r\nindicates a disclosure of information related to the attack without offering concrete evidence or publicly released\r\nfiles within the entry itself.\r\nSupport Our Work\r\nA considerable amount of time and effort goes into maintaining this website, creating backend automation and\r\ncreating new features and content for you to make actionable intelligence decisions. Everyone that supports the\r\nsite helps enable new functionality.\r\nIf you like the site, please support us on Patreon or Buy Me A Coffee using the buttons below.\r\nAI APIs OSINT driven New features\r\nBuy Me A Coffee Patreon\r\nPost navigation\r\nSource: https://www.redpacketsecurity.com/krybit-ransomware-victim-fraper-com/\r\nhttps://www.redpacketsecurity.com/krybit-ransomware-victim-fraper-com/\r\nPage 3 of 3", "extraction_quality": 1, "language": "EN", "sources": [ "MISPGALAXY" ], "origins": [ "web" ], "references": [ "https://www.redpacketsecurity.com/krybit-ransomware-victim-fraper-com/" ], "report_names": [ "krybit-ransomware-victim-fraper-com" ], "threat_actors": [ { "id": "599a2a68-492d-40dc-adfd-45bf13e0481e", "created_at": "2026-04-17T02:00:03.801594Z", "updated_at": "2026-04-18T02:00:04.270282Z", "deleted_at": null, "main_name": "Krybit", "aliases": [], "source_name": "MISPGALAXY:Krybit", "tools": [], "source_id": "MISPGALAXY", "reports": null } ], "ts_created_at": 1776392455, "ts_updated_at": 1776478864, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/e5f7c3ba81392a1935374b911de8b0f6842ad65b.pdf", "text": "https://archive.orkl.eu/e5f7c3ba81392a1935374b911de8b0f6842ad65b.txt", "img": "https://archive.orkl.eu/e5f7c3ba81392a1935374b911de8b0f6842ad65b.jpg" } }