Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

Colabor

colabor.com

Group: Akira

Discovered by ransomware.live: 2025-08-24

Estimated attack date: 2025-08-24

Country: CA

Description:

Colabor provides grocery distribution and wholesale services. The ir headquarters are located in Boucherville, Quebec, Canada. Trading Ticker Symbol: GCL We are going to upload about 60gb of corporate files. You will fi nd lots of documents and forms with personal data of more than 30 0 employees including scanned docs (DOB, Canadian passports, addr esses, SSNs, phones, emergency phones, emails, medical informatio n and so on), detailed financial and accounting information (cred it cards information with security codes, payment details, custom ers files, employee financial information), agreements and contra cts, NDAs, etc.
Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 23

Third Party Employee Credentials: 0

External Attack Surface: 8

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations@web.com
MX Records
  • colabor-com.mail.protection.outlook.com.
TXT Records
  • atlassian-domain-verification=Xy1dQAS9MLpJaM3k/uy66/HrvTxDev4mDjnbP2srZiJKhBLpj3lF3/yxN7a1dEdE
  • c65d1b9eb9d545d68f99a07c0b1a4b11
  • cysqvhqrdg9dl7nn1040hzp7gpkj04jv
  • google-site-verification=4nNNVMp90W4wRpCuN6iTuspQTiqGHnrPAc0X8iO3nKE
  • google-site-verification=Hzhfov9Q3DbJaextfDto2HrP5o_DYSGkoun_ZQzEfrI
  • sophos-domain-verification=4002847935bff449f19ec48941ff3e470a677e8fb89b287e360c412467788db5
  • v=spf1 ip4:68.67.38.106 ip4:68.67.41.206 include:spf.protection.outlook.com -all
  • N5mZtNHVjWJ7MVHiCAs6iToS870/4f3EyOHKAP4ZgkLXq5YOhjwo90zGhcEXixClWmKhoMwpvkM+g20FbZtKZQ==
Cloud / SaaS Services Detected
Atlassian Sophos

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.