ITinSell group
ITinSell group
Group: qilin
Discovered by ransomware.live: 2025-05-15
Estimated attack date: 2025-05-10
Country:
Description:
The ITinSell group is made up of several companies working hand in hand with a common objective: to collect, structure, exploit and secure data! With ITinSell Software we offer a 100% Saas platform to improve the experience and performance ...
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 1
Third Party Employee Credentials: 1
External Attack Surface: 3
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse support.gandi.net
- 0c5ca762a968d2a17013e3e399315b6d-3386060 contact.gandi.net
- 80fc69f01f4d06d8821885c6ebbe84cf-3385340 contact.gandi.net
MX Records
- itinsell.com.c2.mx2.ik2.io.
- itinsell.com.c2.mx1.ik2.com.
TXT Records
- apple-domain-verification=H6jmiNzu8mbDhBTv
- jkmczsmm2ry3djshwcwyn9ph8qb76wfp
- v=spf1 a:smtp.itinsell.com ip4:84.14.53.252 ip4:84.14.53.251 ip4:46.18.211.11 ip4:93.93.188.230 ip4:185.189.236.0/22 ip4:185.211.120.0/22 ip4:185.250." "236.0/22 ip4:185.172.199.0/25 ip4:87.253.232.0/21 include:eu.zcsend.net include:zoho.eu include:spf.protection.outlook.com ~all
- google-site-verification=5pvis-q9qv5bxFEHdi2CGUsUwGSNmYughXK-u9hS4I0
- _3578u7jcqkua1xxylwatw32cfsrti3v
- ms74563846
- MS=ms97340464
Cloud / SaaS Services Detected
Apple
Microsoft 365
Zoho Mail
Leak Screenshot:
