Ransomware victim disclosure
← All victimsWantager
listed as wantager.com · Claimed by Ransomed · listed 3 years ago
Status timeline
- ListedSep 4, 2023
- Data leakeddate unknown
At a glance
- Group
- Ransomed
- Status
- Data leaked
- Country
- United States
- Sector
- Financial Services
- Listed on leak site
- Sep 4, 2023
- Ransom demanded
- $10.000
About the victim
AI dossier — public-source company profileWantager (wantager.com) is a Ukrainian-language online platform that connects cargo senders, carriers, and freight forwarders. The service provides tools for searching available freight and transport, managing shipment documentation digitally, and rating carriers via a reputation system. It operates as a B2B marketplace for road freight logistics.
- Industry
- Freight & Logistics Marketplace (Transportation Technology)
Attack summary
Severity: high — The group claims confirmed exfiltration of a customer database, financial transaction records (bank transfer documents), and private communications (customer chats). With disclosed status of 'data_published', sensitive business and potentially personal/financial data of platform users is now exposed.The group 'Ransomed' claims to have gained full access to Wantager's servers, exfiltrating the database, customer chat logs, and bank transfer documents, and is demanding a $10,000 ransom. The post indicates data has been published following non-payment.
Data the group says was taken
AI dossier — extracted from the leak post- Customer database
- Customer chat logs
- Bank transfer documents
- Archive snapshots
What the group claims
we have access everything on their servers, including the Database,Customers Chats, Bank Transfer DocumentsArchive SnapshotWe require a ransom of $10,000
Sources
- Victim sitewantager.com
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

