Logo Inet

Group: fog

Discovered by ransomware.live: 2025-03-06

Estimated attack date: 2021-12-20

Country: TH

Data exfiltrated: 90 GB

Description:

Extract from The 19 biggest gitlabs


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 399

Compromised Users: 746

Third Party Employee Credentials: 50


External Attack Surface: 187



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • staff thnic.co.th
MX Records
  • mx1-protect.one.th.
  • mx2-protect.one.th.
TXT Records
  • _globalsign-domain-verification=e2Rf0tLe-yoKwb5xaVqqwySyaAWm4hb0IuBjp8Qd-e
  • MS=0808A065FCAAE91545DEE080E5AD7EFBE6F34054
  • YcAOtU4mK7iTfmL+NUdAQC3bSpAC11EibTs9G5PrUcE=
  • google-site-verification=2n4HK5l3jN56ibwBg1jzuWcq4T1qjO5x94jcD6OSuBg
  • google-site-verification=I3nGk-PRApqx-tAX4UHHYAD_424qY59UEafKL9F1Wyc
  • v=spf1 mx ip4:203.151.160.88/29 ip4:203.150.84.0/24 ip4:203.150.212.0/24 ip4:203.151.58.148/31 ip4:203.151.201.196 ip4:203.154.193.55 ip4:203.154.60.173/28 ip4:203.154.61.5/29 ip4:203.154.48.205/29 ip4:203.154.237.37/29 include:_spf.one.th include:_spf.inetmail.cloud include:smtp.txmsv.com -all
  • 200pf6zdl8zq2l4j7821svdfzc26mfhw
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.
