Estes Forwarding Worldwide
Estes Forwarding Worldwide
Group: qilin
Discovered by ransomware.live: 2025-06-23
Estimated attack date: 2025-06-23
Country:
Description:
Estes Forwarding Worldwide (EFW) is a leading provider of high-touch, door-to-door logistics and freight forwarding solutions. Headquartered in Richmond, Virginia, and a subsidiary of Estes—the largest privately held freight transportation ...
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 8
Third Party Employee Credentials: 0
External Attack Surface: 7
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- mxa-0071f301.gslb.pphosted.com.
- mxb-0071f301.gslb.pphosted.com.
TXT Records
- teamviewer-sso-verification=d328ca3c05cc4602ab275a46a3f6eb3a
- google-site-verification=NGwS884P-fk3Hsg1neaep3_6ODMhuJp3L8PtigBLWek
- duo_sso_verification=b63Mr4BsQftf3pelHdLlf1gRjurESu7Lr2A8CRonRQsHSANCwFoJQYc7EALjqJE8
- MS=52C8B17D6B43D5B5B08AC766870F65E6271B38B0
- FywsltODpX0w0xv7DGesDq+RGRWuHOoZJe5VsDeRD6I=
- google-site-verification=c4zS2kD-hAEBdnZmgmLac1CpC-aaBAzX8JkEExAgUYU DEFAULT
- v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com include:spf.usa.net ~all
- apple-domain-verification=ELVqkz89AwHE8g0Z
- apple-domain-verification=4hWkIlX9CpNXTN9N
Cloud / SaaS Services Detected
Apple
Teamviewer
Cisco Duo
Proofpoint
Leak Screenshot:
