Kevmor
Kevmor
Group: Brotherhood
Discovered by ransomware.live: 2025-10-10
Estimated attack date: 2025-10-10
Country:
Description:
Contains: 45 Gb compressed Files, Databases, E-mails
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 2
Third Party Employee Credentials: 0
External Attack Surface: 2
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- No emails found.
MX Records
- kevmor-com-au.mail.protection.outlook.com.
TXT Records
- v=spf1 +a +mx +ip4:3.105.178.167 +ip4:116.212.244.54 include:spf.protection.outlook.com include:servers.mcsv.net include:amazonses.com include:spf.tmes.trendmicro.com ~all
- google-site-verification=QfvHXgtuNk6iHZG-g2oUR7fZl1QwDcPB1Id3L8rrGNw
- google-site-verification=hCetEab_C-6Au5j9mIZzn8sHggJyoxFKrlWCL-B2nGk
- klaviyo-site-verification=TU75rS
- ms=041D391FC0F8396FDAA6A9BB285C5DB07F50CD47
- tmes=98de7192184f8ad2e77a56bb8186b1ac
Cloud / SaaS Services Detected
Amazon SES/WorkMail
Mailchimp
TrendMicro
Leak Screenshot:
