Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Far East Consortium

Group: nightspire

Discovered by ransomware.live: 2025-03-18

Estimated attack date: 2025-03-07

Country: HK

Data exfiltrated: 250 GB

Description:

Far East Consortium (Hong Kong)


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • fecil-com-hk.mail.protection.outlook.com.
  • mx-02-us-east-2.prod.hydra.sophos.com.
  • mx-01-us-east-2.prod.hydra.sophos.com.
TXT Records
  • v=spf1 a mx include:spf.protection.outlook.com ip4:202.181.164.0/24 ip4:202.181.165.0/24 ip4:202.181.176.0/24 -all
  • MS=ms87383023
  • spf2.0/pra a mx include:spf.protection.outlook.com ip4:202.181.164.0/24 ip4:202.181.165.0/24 ip4:202.181.176.0/24 -all
  • sophos-domain-verification=fd91f23d3d895cddf2afaf6290efa14ca8fd35d4
Cloud / SaaS Services Detected
Microsoft 365 Sophos