Ransomware victim disclosure
← All victimsПРОМПРОЕКТ
listed as promproektspb.ru · Claimed by Werewolves · listed 3 years ago
Status timeline
- ListedDec 20, 2023
- Data leakeddate unknown
At a glance
- Group
- Werewolves
- Status
- Data leaked
- Country
- Russia
- Listed on leak site
- Dec 20, 2023
About the victim
AI dossier — public-source company profileПРОМПРОЕКТ is a Russian industrial safety consulting firm founded in 2005, based in Saint Petersburg and serving as a leader in the Northwestern Federal District. The company provides expertise in industrial safety, non-destructive testing, building inspections, equipment certification, and project management. It participated in major international energy infrastructure projects including Nord Stream 1 and South Stream pipelines.
- Industry
- Industrial Safety & Engineering Consulting
- Address
- Saint Petersburg, Russia (inferred from domain .spb and phone area code 812)
- Employees
- 11-50
- Founded
- 2005
Attack summary
Severity: high — Confirmed data exfiltration targeting a consulting firm with documented access to sensitive international energy infrastructure projects (Nord Stream, South Stream). Client data relates to critical infrastructure. No proof files explicitly counted but threat to publish is stated.The Werewolves group claims to have exploited vulnerable server versions and weak password policies to exfiltrate data from ПРОМПРОЕКТ. The group states that data of 'very serious clients' (implying major energy/infrastructure companies) was compromised and threatens to publish all data on their mirrors and Tor network.
Data the group says was taken
AI dossier — extracted from the leak post- Client records
- Project documentation
- Server credentials
- International project files
What the group claims
Компания была основана с целью занять достойное место на рынке экспертных услуг в сфере промышленной безопасности. ПРОМПРОЕКТ прочно опирается на технические компетенции сотрудников и европейский подход к менеджменту.Компания учавствовала в крупных международных проектах строительства газопроводов «Северный поток 1» и «Южный поток» и в сотрудничестве с такими компаниями, как Nord Stream AG, South Stream Transport B.V., Saipem, Siemens, Rosen Europe B.V., PetrolValves и многими другими.Уязвимые версии серверов,отсутствие безопасной парольной политики и решений защиты сетевого периметра привели к утечке данных весьма серьезных клиентов компании.Все данные будут опубликованы на зеркалах нашего сайта и в сети TOR.
Sources
- Victim sitepromproektspb.ru
- Leak posthttps://werewolves.pro/en/kailos-ru.html
Source
Indexed 3 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

