Costex

Group: hunters

Discovered by ransomware.live: 2025-01-11

Estimated attack date: 2025-01-11

Country: US

Description:

Exfiltrated data: yes - Encrypted data: yes


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 82

Third Party Employee Credentials: 0


External Attack Surface: 26



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • fml1.cloud.gladiium.com.
  • fml2.cloud.gladiium.com.
TXT Records
  • vdotf1pf7urvs9tvusk1p7vds
  • 8guimid5l9q59s838qikvs44qd
  • BPL=8464859
  • MS=ms33573522
  • MS=ms66086435
  • MS=ms83437783
  • e7fd43990824951d1d3d4a832d282129
  • i38570mnbgg1d0jap5m1eujqtf
  • sophos-domain-verification=552f35d153c2c7b9e184da535bee5ce8c45e86fcbcab688f691245c86ab4c093
  • v=spf1 +a +mx +a:fml1.cloud.gladiium.com +a:fml2.cloud.gladiium.com +ip4:209.222.82.154 +ip4:198.57.194.229 +ip4:69.80.70.130 +ip4:69.27.38.62 +ip4:69.80.70.133 +ip4:69.27.32.86 +ip4:38.91.106.65 +ip4:38.91.107.67 +ip4:38.91.107.148 +ip4:38.7.30.40 +ip4:" "67.220.74.47 include:spf.ess.barracudanetworks.com include:spf.protection.outlook.com ~all
Cloud / SaaS Services Detected
  • Microsoft 365
  • Sophos
