Kr3m

Group: fog

Discovered by ransomware.live: 2025-03-06

Estimated attack date: 2025-03-05

Country: DE

Data exfiltrated: 58 GB

Description:

Extract from The 19 biggest gitlabs


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 2

Third Party Employee Credentials: 0


External Attack Surface: 2


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse@tucows.com
MX Records
  • kr3m-com.mail.protection.outlook.com.
TXT Records
  • atlassian-domain-verification=1MgJRfxthR5vASOGOIOt7gF0lc7aVuu3/z3Ysgn2f7NbuYPKaiy6yVuprH4lkzD/
  • v=spf1 mx a a:mailrelay-2024.kr3m.com a:mail.bw-networx.net a:mailrelay.kr3m.com a:relay.inweb.de include:spf.protection.outlook.com ip4:199.255.192.0/22 ip4:199.127.232.0/22 ip4:54.240.0.0/18 -all
  • 438fdf208a115bb742405bdbe101f1924fab2c5875126de09b4ad8ac29e1f49
  • google-site-verification=pnw__HXgGRPGICtHdWo8SHDtFvrfIkLtvpuyHbBHfsI
  • f3951a77d70bd369766f8131192028193cca88f2aa7d1b1b1ee1f836cbbded79
  • stripe-verification=e127edb9264f9b1e296675b20d240ebd2ea1b632f3fed230985c997514bb20ea
Cloud / SaaS Services Detected
  • Atlassian
  • Stripe
