Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo Du

Group: Dragonforce

Discovered by ransomware.live: 2025-11-21

Estimated attack date: 2025-11-20

Country: AE

Description:

Emirates Integrated Telecommunications Company P.J.S.C., commercially rebranded as du in February 2007, is one of the two main telecom operators in the United Arab Emirates. du offers fixed line, mobile telephony, internet and digital television services across the UAE. It also provides carrier services, a data hub, internet exchange facilities and satellite service for broadcasters. It expanded its services in support of economic and social transformation of UAE and operates subsidiaries such as EITC Investment Holdings Limited, Edara (Telco Operations FZ-LLC), Smart Dubai Platform Project Company LLC and EITC Singapore PTE. LTD.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • du-ae.mail.protection.outlook.com.
TXT Records
  • google-site-verification=tTCPoXpiurc-5DI3hBblbR7EOu4LjChnlfZWsFRFCS0
  • facebook-domain-verification=ihnkstxbwmuzlrvceysmmo7r6xun90
  • apple-domain-verification=K5nMSDT8A92xRzfo
  • 0vxln6vx23hqbp4tsgbmvgmv67q8bmbg
  • detectify-verification=40ca07ad1c44061f23440548f3a3b610
  • pcclkcn07pq2hp7bcxj8k19d3m79230p
  • 12b636lm7z1wl4hchd246lzkx128yn10
  • _gnhmtyh5ru5n0o1jzrxm3tktels4ha2
  • miro-verification=3c522be97640bbd0553a8aba45978a8184641a70
  • v=spf1 ip4:94.203.234.140 ip4:94.203.234.141 ip4:94.203.234.46 ip4:94.203.234.45 ip4:87.200.140.29 ip4:5.32.4.175 ip4:5.30.82.106 ip4:80.227.220.159 " " ip4:213.132.63.61 ip4:80.227.220.160 ip4:94.201.251.102 ip4:212.132.63.42 ip4:212.132.63.150 ip4:212.132.63.151 ip4:212.132.63.173 ip4:94.201.51.186 ip4:213.132.45.136 " " ip4:80.227.68.192 ip4:104.193.137.209 ip4:104.193.137.4 ip4:104.193.137.41 ip4:185.84.1.202 include:spf.protection.outlook.com include:spf_c.oraclecloud.com ~all
  • MS=ms18502732
Cloud / SaaS Services Detected
Apple Microsoft 365 Miro Oracle Cloud

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.