ONEX CANADA ASSET MANAGEMENT INC

Group: d4rk4rmy

Discovered by ransomware.live: 2025-08-07

Estimated attack date: 2025-08-07

Country: CA

Description:

https://onex.com Onex Partners is a private equity platform focused on the upper-middle market in the United States, Canada, and Europe. Our successful track record is built on deep sector specialization and a disciplined, hands-on approach to private equity investing. they…


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 1

Third Party Employee Credentials: 4


External Attack Surface: 1



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusecomplaints markmonitor.com
  • whoisrequest markmonitor.com
MX Records
  • onex-com.mail.protection.outlook.com.
TXT Records
  • v=spf1 mx a:mail.onex.com include:_spf.salesforce.com include:_spf.psm.knowbe4.com include:spf.protection.outlook.com include:spf.exclaimer.net ip4:198.207.147.224/27 ip4:204.239.0.224/27 ip4:159.183.195.26 ip4:159.183.18.123 include:u32362374.wl125.sendgrid.net include:u50063977.wl228.sendgrid.net include:u50201765.wl016.sendgrid.net ~all
Cloud / SaaS Services Detected
  • Adobe
  • Apple
  • Atlassian
  • Microsoft 365
  • Salesforce
  • Teamviewer
  • KnowBe4
  • Cisco
  • SendGrid
  • Have I Been Pwned