The ransomware claim involves the Spanish business consulting firm Cofiex Asesoría de Empresas, S.L., which specializes in accounting, tax, and labor management services in Navalmoral de la Mata. The threat actor, dragonforce, has compromised their systems, as their website cofiex.es now hosts a blank page, impacting their operations in Spain. #Spain
Incident Details
- Victim: Cofiex Asesor,ía de Empresas, S.L
- Country: ES
- Actor: dragonforce
- Source: http://z3wqggtxft7id3ibr7srivv5gjof5fwg76slewnzwwakjuf3nlhukdid.onion/blog/?post_uuid=a38c3739-ad34-40ae-b643-9672bb1e04f6
- Discovered: 2025-10-08 08:47:04.694925
- Published: 2025-10-08 08:09:22.501422
Information
- The victim is Cofiex Asesoría de Empresas, S.L., a business consulting and tax advisory firm based in Navalmoral de la Mata, Cáceres, Extremadura, Spain.
- The actor behind the ransomware attack is Dragonforce.
- The company operates in accounting, fiscal, and labor management services, including bookkeeping, annual reports, compliance with Spanish GAAP, corporate and personal tax returns, VAT filings, tax optimization, payroll, social security filings, employee contracts, and business consultancy such as company formation and legal support.
- Its clients include small and medium-sized businesses, freelancers, and local corporations.
- The typical contact email is [email protected].
- The company is legally structured as a Sociedad Limitada (S.L.), the Spanish equivalent of a limited liability company.
- The current website cofiex.es exists but hosts only a blank WordPress page, with operations continuing offline or via direct contact.
Disclaimer: This post is based on public claims made by the ransomware group "dragonforce". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.