Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks


Group Qilin
Discovered 2025-11-23 17:11 UTC
Est. attack date 2025-11-23
Country CA

Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 0

Third Party Employee Credentials: 2


External Attack Surface: 1


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • 8fd1427aeb034000eb03ee7d546e8832d56326f79e1c6a4241413afa7a774ad4bertselectric.net.whoisproxy.org
  • 8fd1427aeb034000eb03ee7d546e88329619ee79e5c5fc740e3cfb4009aae747bertselectric.net.whoisproxy.org
  • 8fd1427aeb034000eb03ee7d546e88322367690a8b00f05b922cca12b85be559bertselectric.net.whoisproxy.org
  • trustandsafetysupport.aws.com
  • 8fd1427aeb034000eb03ee7d546e88328226c185ea6ae9436b55e5736a8cbc92bertselectric.net.whoisproxy.org
MX Records
  • bertselectric-net.mail.protection.outlook.com. Microsoft 365
TXT Records
  • v=spf1 mx include:reflexion.net include:spf.protection.outlook.com include:relay.mailchannels.net ip4:162.243.130.109 ip4:96.55.122.110 ~all
  • L9fACiGjrVvDkjryIqxrhtrczgh9VOtFS82HR3mnNbuLVF7l69sKvF/++u/BskJkWzDaiDZfXAF/LiRUIxdP/w==
  • MS=ms37637356
  • apple-domain-verification=gBuhmDa2ov5guGkN
Cloud / SaaS Services Detected
Apple Microsoft 365

Leak Screenshot:

Leak Screenshot