Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo AUSA Soluciones Logisticas

Group: Thegentlemen

Discovered by ransomware.live: 2025-10-04

Estimated attack date: 2025-02-19

Country: AR

Description:

https://www.zoominfo.com/c/ausa-soluciones-logisticas-sa/405951553 www.ausa.com.pe Somos AUSA, uno de los operadores logísticos líderes en el sector con más de 35 años de experiencia en la simplificación de las operaciones de comercio internacional. Iniciamos nuestras operaciones brindando el servicio de Aduanas, pero en el transcurso de los años hemos complementado nuestra oferta, lo cual nos ha convertido en un operador capaz de ofrecer todos los servicios de la cadena logística local e internacional: Seguimiento Pre-Embarque, Forwarding, Agenciamiento Aduanero, Transporte y Almacenes, y Distribución. AUSA Soluciones Logisticas SA is a company that operates in the Freight & Logistics Services industry. It employs 500to999 people and has 25Mto50M of revenue. The company is headquartered in Lima, Lima Province, Peru.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 6925

Third Party Employee Credentials: 4

External Attack Surface: 101


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusecomplaints markmonitor.com
  • whoisrequest markmonitor.com
MX Records
  • mxb-0042bc01.gslb.pphosted.com.
  • us-smtp-inbound-1.mimecast.com.
  • us-smtp-inbound-2.mimecast.com.
  • mxa-0042bc01.gslb.pphosted.com.
TXT Records
  • facebook-domain-verification=8xqew8kv8q2qml8urdur3wijr5ginf
  • airtable-verification=7d5c4bb1083aed6e27cd99985c49ac81
  • wiz-domain-verification=8df7ec58ab5c882d7d7bad1df1200d77f97a5c7f898ea1ef0904511e9954ca91
  • google-site-verification=Ykk1G2OZGjvrWYGXMqhUO9ADxZAa2u7wl2jM7-VRI8I
  • google-site-verification=460JvyZeIw91-DWG0ZEsnAGMxMiSPVug2qJcXevHCDE
  • google-site-verification=gA2P07VwyAI8D1HzwOO0Q7gVOnctkRTliJ8FxgWyjK8
  • 7s5ys3r5gsrzsm1lxdhgmp6903dfypp0
  • asv=2d91cb2d6544d7a3891d743d45d5cc45
  • 0ed1fe018a83a1a25394024dadbc718d52c026f8eb
  • verification=b384fc086e99452bad93e15dfbe59451
  • cisco-ci-domain-verification=75cb9074f645f91ce729c4564e1e073eaa626bf0466be6b5e8028e29613f9b60
  • _qkt0vyeudqdmyimlu1sicmvr5yhojvo
  • google-site-verification=gg10WGEg16Cp7M5hcqsTRxE0K_f34PWizql6mjRUOPg
  • asv=1d6c4fb60f2790b5d26fed0bb12bd115
  • postman-domain-verification=8eea31cc5b7cfbfff163d605845f51d65296766bb351bc622935839be65abffc31a03fb67bd1c4fa744760df4f04d4e7586c7ead877f00eda7849bb0b71ade13
  • google-site-verification=6mXTBuDHk-2Du-x2_EucW6isU05nrWXQne3jF5QsGU8
  • MS=ms38951267
  • google-site-verification=lBWYr74utT4FeN7oUCykhwiW1woGDhS7S0A4M7isQhA
  • hUHXNRkPrDG/vT7H4SJCG2xTF9fMTKMhfuP72fEgCsrux2DijrADGxZIfaNs6lR/5qzfiHU+CyR6mSxGMXexKQ==
  • google-site-verification:m4g1eOID25e-EuZCXCXyalWrcskGHtkDMI3A4-0qjC0
  • _n4k3s4c3lnx9uq8loq8e4qrgizqenc4
  • pendo-domain-verification=155ca67e-9833-4698-b886-9215b2431dea
  • hubspot-developer-verification=NDNjNmJlZDYtNGVhOS00MGQxLWFlYjMtODkxZDY2NDc2NmY0
  • smartsheet-site-validation=oCkvv_UFOL0zilzID65xfuiYGFuME7lx
  • _elastic_domain_challenge=6e1e719d7eb9dfeb13b9f6e7f64414e005d1a4da36c43074b06c0ccdb6634fe3
  • brevo-code:3fc323c894e26fcbb4611b5486a7dba7
  • v=spf1 include:us._netblocks.mimecast.com include:_u.zoominfo.com._spf.smart.ondmarc.com -all
  • 33904d6d-5e21-4a18-8e46-b170ae80b68e
  • google-site-verification=-ukM4y3JvL3Toa2D44DXo_b5u7wwUhaaVYfFzPHzP5I
  • box-domain-verification=03a9187e13251fb31e146271331be39f6465c7691b6c597729582302d1b2e4bd
  • ecostruxure-it-verification=63b73ded-c9a0-43d5-a4bc-13bc4b86cdac
  • MS=ms33572304
  • hubspot-developer-verification=MWI1YTkyNDctODZmNi00MTBhLWE5MTYtNDBhMWEzZTQ2ODg3
  • jamf-site-verification=6RDl4wTo2zo5foO4qIdvUQ
  • MS=ms65324670
  • google-site-verification=o9iKGrOMdBp_NYSpUvDUa4okJHX8lafcD0rCjFoyBTU
  • atlassian-domain-verification=nLP991XRIVfjHgLMjm0qm2oeZMikTd77NgfuPXxrIBqkkkTZgr9asQXYd6scjmaI
  • google-site-verification=Ck8kCbNGwHAEOnj9O7xMBPG0WBXl1bTju9N2mvtpYWo
  • docusign=4e925286-966b-4869-81ec-23fbbe116a16
  • segment-site-verification=90RRtjxCS6RhpBwQXWa4KZwBygYQCOBT
  • zapier-domain-verification-challenge=db195766-a847-4db2-b88a-459d5695aa90
Cloud / SaaS Services Detected
Atlassian Microsoft 365 Box Segment JamF Cisco Mimecast DocuSign

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.