Ransomware victim disclosure
← All victimsSahrawi Arab Democratic Republic (SADR) – Ministry of Foreign Affairs
listed as sadr.ws · Claimed by Dragonransomware · listed 2 years ago
Status timeline
- ListedDec 15, 2024
- Data leakeddate unknown
At a glance
- Group
- Dragonransomware
- Status
- Data leaked
- Country
- Saudi Arabia
- Sector
- Transportation/Logistics
- Listed on leak site
- Dec 15, 2024
About the victim
AI dossier — public-source company profilesadr.ws is the official website of the Sahrawi Arab Democratic Republic (SADR), a contested state in Western Sahara. The site hosts content from the Ministry of Foreign Affairs, including diplomatic relations, international organization participation (UN, AU, ICC), news, and official statements. The SADR is recognized by the African Union and maintains diplomatic missions globally.
- Industry
- Government – Foreign Affairs & Diplomatic Services
- Founded
- 1976
Attack summary
Severity: medium — The target is a government entity (SADR Ministry of Foreign Affairs), and the breach involves a sensitive geopolitical actor; however, no concrete proof of data exfiltration, encryption, or operational disruption is provided. The post appears primarily political rather than a standard ransomware demand, and no specific data inventory or proof files are advertised.The Dragon ransomware group claims to have accessed sadr.ws and possesses information about Polisario Front and the Western Sahara conflict. The group's post is vague and political in nature, emphasizing they seek 'true history' rather than demanding ransom. No specific data exfiltration or encryption claims are made.
Data the group says was taken
AI dossier — extracted from the leak post- diplomatic communications
- government records
- ministry documents
What the group claims
📌 We, the dragons, assure our forces that we will not penetrate anything. We have important information about the Sahrawi mercenaries (Polizario) and things that have never been revealed regarding the Moroccan Sahara. We are not with this party or that, but we are with the right and the real, unfalsified history. [+] https://sadr.ws My greetings, the dragons 🤟
Sources
- Victim sitesadr.ws
- Leak posthttps://t.me/DragonRansom/373
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

