Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Ceva Logistics

Group: Coinbasecartel

Discovered by ransomware.live: 2025-09-15

Estimated attack date: 2025-09-15

Country: GB

Description:

CEVA Logistics is a global asset-light supply chain management company. It designs and implements freight forwarding, contract logistics, transport...

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 287

Compromised Users: 1071

Third Party Employee Credentials: 304

External Attack Surface: 156

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • legalservices eurodns.com
  • branding cevalogistics.com
MX Records
  • cevalogistics-com.mail.protection.outlook.com.
TXT Records
  • 4ca149add405b4940045fef7ef3f9b8c6043fd7d8966a131bc
  • atlassian-domain-verification=B8PabZ1Ha6D3Bw21xclVxAYq2ZZF9bAZ4ai53JTca82g0rgOkZ5TTtlHng7l4jZc
  • mongodb-site-verification=TslzUIISxeB518vzU7scKXbQo43NQRYC
  • google-site-verification=t9nGBa5gAANYEBn-PleEWmhrvWi4n_L_YlQ_6CgNF48
  • successfactors-site-verification=NWU1ZWU1MjAxMjkyMWFmMTE0ZmUzZmM5MjA0MWY5NmFhN2RlMjc5N2FjMjIzYzU1NzEzN2ZmM2ZjY2NkNzM4Nw==
  • wso2-domain-verification=Nuofwlhs2YaZrBn
  • teamviewer-sso-verification=6278401b58154bcf8ca1e37793677ff0
  • 2Uh2ihl62Q5Tz4quy7J4TkaB4cuchr4sohEC6O6CKRflIsrjBKpQ9d4N2YZIfVpAq+NLroG3yfKHpwONYUYNRw==
  • Sendinblue-code:d0ff031bcec0ae68d304e4742a2edce9
  • brevo-code:d0ff031bcec0ae68d304e4742a2edce9
  • mongodb-site-verification=QaOHLmZhD68zScu5uROFVmOLad1jUtCL
  • google-site-verification=_UaPTom8mGFnVr1Q8a8P-YzkSItZpDPIgzNq_1DGGiM
  • v=spf1 include:spf.protection.outlook.com include:%{ir}.%{v}.%{d}.spf.has.pphosted.com include:spf.happyfox.com ~all
  • o4RoS451t8Ew6QaT47Tl5fXVqCGZlizCdNfw6HrMEgZFO/4ZgBl5YbT2596QBfpsCdbVOTo8hzMb5xGpVdI1Ag==
  • docusign=509eeeaa-56be-4f36-a70a-c61d9ae5be84
  • adobe-idp-site-verification=8434ff7716f4def6ca5918f7adb839f39bff8f20c4279d89e2a51c345b8f10b3
  • google-site-verification=bEioLD16Md0Vy7mHklbIMhgljcNeskYPJPXiFT4Vcl8
  • mongodb-site-verification=VdLq76Cxg2IQuELwm1c21XuwpGwvHSMG
  • perplexity-ai-domain-verification-psjx72=uNi4mmBElSV8mCG6pWzq4BVBF
  • atlassian-domain-verification=6zBYaa6dDQRK1SJ2pJYtKAH37qVy7tJbqVM4puMTfLB/bZfB/bi5xGXKKnUN6w8D
  • autodesk-domain-verification=y7GCk53B2bxSkGely_wo
Cloud / SaaS Services Detected
Adobe Atlassian Teamviewer Autodesk DocuSign Proofpoint

Leak Screenshot:

Leak Screenshot