In September 2023, RS Logistics Ltd, a Hong Kong-based logistics company founded in 2003, fell victim to a NoEscape ransomware attack. The cybercriminals, operating under a Ransomware-as-a-Service (RaaS) model (linked to the defunct Avaddon group), encrypted the company’s critical data and exfiltrated over 4,000 email documents. The attackers threatened to publish the stolen data unless the company initiated contact, leveraging a TOR-based multi-extortion platform to pressure the victim. The incident was publicly disclosed on September 2, 2023, when RS Logistics appeared on NoEscape’s data leak site.The attack employed advanced evasion techniques, including disabling security features and establishing persistence within the compromised systems. While the full scope of the stolen data remains undisclosed, the breach poses risks of sensitive information exposure (e.g., internal communications, operational details, or third-party data) and operational disruption due to encrypted systems. The company’s failure to respond could lead to public data leaks, reputational damage, and potential financial losses from ransom demands or recovery efforts. NoEscape’s targeting strategy—focusing on U.S.-aligned industries while avoiding CIS countries—highlights the group’s calculated approach to maximizing impact and profitability.