Omnitracs

Group: hellcat

Discovered by ransomware.live: 2025-03-25

Estimated attack date: 2025-03-24

Country: US

Description:

We hold sensitive files from Omnitracs, a leading provider of fleet management and logistics solutions. The company must act swiftly to prevent the exposure of this data.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 2

Compromised Users: 314

Third Party Employee Credentials: 22


External Attack Surface: 68



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse@cscglobal.com
MX Records
  • mxb-0022b902.gslb.pphosted.com.
  • mxa-0022b902.gslb.pphosted.com.
Cloud / SaaS Services Detected
  • Atlassian
  • Microsoft 365
  • TeamViewer
  • Proofpoint