Ransomware group payload hits The commune of Castries
The commune of Castries — a public sector target operating in FR has been listed by the payload ransomware group on 2026-07-09. The information below reflects what the threat actor has publicly claimed on their leak site; the details have not been independently verified.
Incident Report
| Target Organization | The commune of Castries |
|---|---|
| Threat Group | payload |
| Summary | The commune of Castries is a picturesque, historic town in the south of France, renowned for its majestic 17th-century château and unique aqueduct. The city's official website (castries.fr) provides visitors and locals with the latest news, cultural event schedules, and tourism information. Additionally, the portal serves as a convenient digital platform for residents to access municipal services and connect with the town hall. |
| Date of Breach | 2026-07-09 |
| Discovery Date | 2026-07-09 |
| Region | FR |
| Target Domain | castries.fr |
| Business Sector | Public Sector |
| Severity | MEDIUM |
Claim by payload
The commune of Castries is a picturesque, historic town in the south of France, renowned for its majestic 17th-century château and unique aqueduct. The city's official website (castries.fr) provides visitors and locals with the latest news, cultural event schedules, and tourism information. Additionally, the portal serves as a convenient digital platform for residents to access municipal services and connect with the town hall.
Posted by the payload threat actor on its public leak site. This is the group's own statement and has not been independently verified by HackerFeeds.
Sources
Victim website
castries.fr
Leak post (onion / Tor)
http://payloadrz5yw227brtbvdqpnlhq3rdcdekdnn3rgucbcdeawq2v6vuyd.onion/posts/d481caf3-39ce-4617-a578-73f8bc52cf6f
Open this URL in Tor Browser. Browsing leak sites carries real risk — view passively, never click further.
Disclaimer
HackerFeeds does not engage in the exfiltration, downloading, taking, hosting, viewing, reposting, or disclosure of any stolen information. All breach data reported here is sourced from publicly available threat intelligence feeds for awareness purposes only.

