Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

DUC App: Global Money Movement, Simplified

ducapp.com

Group Killsec
Discovered 2025-08-20 12:37 UTC
Est. attack date 2025-08-20
Country US
Duplicate Entry
This victim has been identified as a duplicate of another entry in our database. However, this may not always be the case: the same organization can be targeted multiple times by the same or different ransomware groups, which may result in separate legitimate entries. Search for related entries

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • trustandsafetysupport.aws.com
  • 3b5f7fb7d641af63fbca3470a57de0944114a1433971a939033bb5b43fffd7b0ducapp.com.whoisproxy.org
  • 3b5f7fb7d641af63fbca3470a57de094eb68ded6f1be632ce3452fbe59260595ducapp.com.whoisproxy.org
  • 3b5f7fb7d641af63fbca3470a57de09425794a85d1054ee190bb8a5bbdd7a910ducapp.com.whoisproxy.org
  • 3b5f7fb7d641af63fbca3470a57de094489ff674e5902c2c15274c05e577d50cducapp.com.whoisproxy.org
MX Records
  • inbound-smtp.us-east-1.amazonaws.com. Amazon SES
TXT Records
  • ahrefs-site-verification_624130d19105746ec27b516da05bd83c53b82a3fb81ad6cac4c9d08eabe631d3
  • google-site-verification=0Q26HwoVt-MAF0M-YXMMzxO5ATMjSg8X2Y3SCJGsobU
  • v=spf1 include:amazonses.com ~all
Cloud / SaaS Services Detected
Amazon SES/WorkMail

Leak Screenshot:

Leak Screenshot