Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo CVTE

Group: hellcat

Discovered by ransomware.live: 2025-04-07

Estimated attack date: 2025-04-07

Country: CN

Description:

We have breached the internal systems of Guangzhou Shiyuan Electronic Technology, securing sensitive files that, if exposed, would cause serious disruption across operations and partnerships.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 11

Compromised Users: 362

Third Party Employee Credentials: 11

External Attack Surface: 100

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • DomainAbuse service.aliyun.com
MX Records
  • mxbiz2.qq.com.
  • mxbiz1.qq.com.
TXT Records
  • cursor-domain-verification-syxh5q=EUmwMW6VJYXC68fyJdSNWnomz
  • google-site-verification=8fwGb8yMnPTeYUVtJ6TkQqEIsghf08qRWGigpmtX5O8
  • v=spf1 include:spf.mail.qq.com include:spf.protection.outlook.com ~all
  • MS=ms29897969
  • MS=9C19AE0ADF8B6F4DF437DF19588235250BD7A249
Cloud / SaaS Services Detected
Microsoft 365