Karadeniz Holding (karadenizholding.com)

Group: fog

Discovered by ransomware.live: 2025-02-03

Estimated attack date: 2025-02-03

Country: TR

Description:

1.5 TB


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 3

Compromised Users: 81

Third Party Employee Credentials: 16


External Attack Surface: 45



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse isimtescil.net
MX Records
  • karadenizholding-com.mail.protection.outlook.com.
TXT Records
  • Keat7IljPB3hrdJQa0qGE+owQqxjgyTlIMvyTkacODY=
  • 2bVEAR+0vrJH5rpZ1TSubS0HwBOGI1r6UIr/af1diuso2FSkgNoREvL5s0+VYk6wmvPAbN2HUCv5F9H7Wr/x5A==
  • globalsign-domain-verification=6SZ8DDwU5QMmWC1w5RtHaYwXNkXgE9oI8OmqKT9YAc
  • globalsign-domain-verification=HGaia03TKkE_CUSNgi47m9r1FjjGrtP17XSZ79daFc
  • YZp5eWMrOh3wDPb5HB/dB5kn0V1xZBRXHvcyj8oviVtV1cjqxeWfC65NOorq/vk3xDfKus6XasCZhVjc/Jcsqg==
  • MS=ms82925650
  • r83SyQImelDc9EgdTgIDBZkg2otxK54EBJ5SOZP288Q=
  • v=spf1 a mx ip4:20.101.57.133 ip4:195.46.140.67 mx:mail.karadenizholding.com mx:mail.karpowership.com include:spf.protection.outlook.com -all
Cloud / SaaS Services Detected
  • Microsoft 365
