Generali Group

Group: Crypto24

Discovered by ransomware.live: 2025-09-18

Estimated attack date: 2025-09-18

Country: IT

Description:

***


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 225

Compromised Users: 246

Third Party Employee Credentials: 129


External Attack Surface: 113


Infostealer Distribution


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse corehub.net
MX Records
  • generali-com.mail.protection.outlook.com.
TXT Records
  • v=spf1 include:_spf01.generali.com include:_spf02.generali.com include:_spf03.generali.com include:_spf04.generali.com include:_spf05.generali.com include:_spf06.generali.com include:spf.protection.outlook.com include:spf-westeu.emailsignatures365.com include:_spf07.generali.com -all
Cloud / SaaS Services Detected
  • Adobe
  • Apple
  • Atlassian
  • Amazon SES/WorkMail
  • Microsoft 365
  • Cisco
  • Cisco Duo