Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Ms13089 / Ms13-089

| Active

None

Victims
 

3

First Discovered
victim

2025-12-18

Last Discovered
victim

2026-01-15

Inactive Since
in days

18

Avg Delay
between attack and claim

N/A

Infostealer
for victim with domain

0.0%

View Victims on World Map

View group statistics

Known Locations (1)
Favicon Title Type Available Last Visit Server Info FQDN
favicon MS13-089 Blog Yes 2026-02-02 10:01:35 NGINX nginx 1.18.0 msleakjir7pxbe6onlqe5uwgvdmy6nq4mnwfy7ojswbhnleenm77vgad.onion
Target (Available)
Top 5 Activity Sectors
Top 5 Countries
  • DE flag Germany 1
  • IT flag Italy 1
  • LU flag Luxembourg 1
Heatmap (Available)
Ransom Notes (0)

No ransom notes available.

Tools Used (Not Available)

No tools used available.

Vulnerabilities Exploited (0)

No vulnerabilities exploited available.

TTPs Matrix (0)

No TTPs available.

Negotiation Chats (0)

No negotiation chats available.

YARA Rules (0)

No YARA rules available.

Indicators of Compromise (IoCs) (1)
EMAIL 1
Type IOC
email ms13@onionmail.org
Victims (3)
Logo
sjl-legal.com Ms13089
Discovery Date: 2026-01-15
SJL is a high-end independent business law firm renowned for its savoir faire and reliability. The f...
LU
Logo
dgpcommercialisti.it Ms13089
Discovery Date: 2025-12-18
Aree di specializzazione: contabilità, bilanci, dichiarazioni fiscali, incarichi di sindaco e reviso...
IT
Logo
uro.com Ms13089
Discovery Date: 2025-12-18
Virginia Urology (VU) has a long history of providing quality care to the Greater Richmond metro are...
DE