Jamjoom Pharma

Group: everest

Discovered by ransomware.live: 2025-05-02

Estimated attack date: 2025-05-01

Country: SA

Description:

[AI generated] Jamjoom Pharma is a leading pharmaceutical company based in Jeddah, Saudi Arabia. Formed in 2000, it's part of the diverse Jamjoom Group. The company develops, manufactures, and distributes a wide variety of prescription drugs and over-the-counter products. They focus on therapeutic areas such as dermatology, antibiotics, cardiovascular, gastroenterology, and neuropsychiatry, serving both domestic and international markets.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 4

Compromised Users: 40

Third Party Employee Credentials: 35


External Attack Surface: 18



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations@web.com
MX Records
  • mx-01-eu-west-1.prod.hydra.sophos.com.
  • mx-02-eu-west-1.prod.hydra.sophos.com.
TXT Records
  • sophos-domain-verification=3c827383f5ed0416e4fe089758c51b00a4365471
  • v=spf1 include:_spf.prod.hydra.sophos.com include:spf-de.emailsignatures365.com ~all
  • apple-domain-verification=m5oXMNMNeZ5dxyVz
  • MS=ms11930259
  • duo_sso_verification=y9iAJ57U9fQeNgv8htWLXwuT7TQ6NOZ5mMeoCoXn3fUtPwGbltVCWorJ1bImRE2M
Cloud / SaaS Services Detected
Apple Microsoft 365 Cisco Duo Sophos
