Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

FLEETSHIP.COM

FLEETSHIP.COM

Group Clop
Discovered 2025-11-21 12:58 UTC
Est. attack date 2025-11-21
Country IN

Description:

[AI generated] "FLEETSHIP.COM" is a company that specializes in the management and operation of a wide variety of vessels. They offer a vast range of ship management services, which include crew management, training, technical support, procurement, and more. They aim to ensure the vessel's peak performance and security. This environment-friendly organization emphasizes safety and quality service, contributing to the global shipping industry.

Infostealer activity detected by HudsonRock

Compromised Employees: 18

Compromised Users: 257

Third Party Employee Credentials: 12


External Attack Surface: 37


Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • trustandsafetysupport.aws.com
  • 84ed6ecffbca6f210f64f9fdf5e5a5083545e110e23efe4b61125a0d6ec6ec44fleetship.com.whoisproxy.org
  • 84ed6ecffbca6f210f64f9fdf5e5a508fce69a18600382e6371147447b69f77efleetship.com.whoisproxy.org
  • 84ed6ecffbca6f210f64f9fdf5e5a508a0a1413f5c4c8540378389f8c1c6492efleetship.com.whoisproxy.org
  • 84ed6ecffbca6f210f64f9fdf5e5a5088aef96aeedb223d0551168d21a3827a1fleetship.com.whoisproxy.org
MX Records
  • fleetship-com.mail.protection.outlook.com. Microsoft 365
  • noreply.qemailserver.com.
TXT Records
  • MS=ms42019278
  • _fvcokk476ymykeahd4qdcloffi2kzp4
  • _w1z6lw05j1ndbgitmpdruvxxzp903po
  • apple-domain-verification=alGrb0eJOdspokMa
  • apple-domain-verification=pYZcYpXMFfFE5C34
  • atlassian-domain-verification=NUhz7q6sq1AIgoNWi1R08zVbZ03nWX0JkgElWKXaGS63ItfpO/Ql5HMVlRyCtagN
  • google-site-verification=Dc0p96rMrxyt7_ukfFE5AsTyYus-4AR6VQunUWUQC3U
  • jnc3k4nxh371rbt6mnq6fdrkk65jyfts
  • v=spf1 mx include:spf.protection.outlook.com include:spfve.fleetship.com include:spfva.fleetship.com include:spfvb.fleetship.com include:spfvc.fleetship.com include:spfvd.fleetship.com -all
  • F0L4E30253
Cloud / SaaS Services Detected
Apple Atlassian Microsoft 365

Leak Screenshot:

Leak Screenshot