GB Group
GB Group
Group: direwolf
Discovered by ransomware.live: 2025-06-19
Estimated attack date: 2025-06-18
Country:
Description:
GBGroup is in the process of developing innovative solutions for their clients.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 92
Third Party Employee Credentials: 12
External Attack Surface: 39
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- trustandsafety support.aws.com
- 94dcabef-3a9c-47bd-b9ce-7a9e6b84b063 identity-protect.org
MX Records
- eu-smtp-inbound-1.mimecast.com.
- eu-smtp-inbound-2.mimecast.com.
TXT Records
- globalsign-domain-verification=E772430507D264F2932F183A4B88A592
- zscaler-verification-113574971-04062025-qmq4gkok3q
- 0ed1fe018a9f03d44a33b3410c9d8d9340c529144a
- MS=ms77931932
- atlassian-domain-verification=35bPbMB6oTK5GTPG0WxvgXKhFBo2DzP7uf28abqoFh2aLJLOuynSju3VQIIidzaZ
- tgztc3z.ng.impervadns.net
- v=spf1 mx include:eu._netblocks.mimecast.com include:2918901.spf08.hubspotemail.net -all
- TAILSCALE-UuOI6woqecZCaNv95L37
- sending_domain1048083=81717e620bf026a006eb4852a789c4b5298c409db1f63ad41afca2b2bc4f857d
- miro-verification=cbba2228436aaa474f88e0f763d00f23faacf23c
- google-site-verification=mHSw3nIjPbuDrM6yxJGXyTlHC2Pw6L1NRUFfSdIyt7M
- onetrust-domain-verification=a6515abc4f9243eaa23dd45b63854b02
- knowbe4-site-verification=65a5d8e1d0403853577fcdc60dac72a0
- rovag_verification_token=AC87F366E1F6412D94AF834A3830D768
- cursor-domain-verification-qk5xw4=qSQLuehFVzJQXXEqM743CJil6
- duo_sso_verification=YYOW9rUMF4ONmThddKLVTAGcx0sfZKB6K0dOrKkSrE5vG1yya0prdAbBqfiT9cOP
- _globalsign-domain-verification=5rO4iAdW8L3E0_XiRo2fO1QTMe64AAB8Xd9_0tFpvy
- mongodb-site-verification=ZGEku80RlYmpvwQBKmEPv3EhGgYENDDT
Cloud / SaaS Services Detected
Atlassian
HubSpot
Microsoft 365
Miro
KnowBe4
OneTrust
Cisco Duo
Mimecast
Leak Screenshot:
