OneDealer
OneDealer
Group: hellcat
Discovered by ransomware.live: 2025-02-28
Estimated attack date: 2025-02-25
Country:
Description:
We have obtained over 330,000 records from OneDealer partners, including sales reports, leads, customer data, and vehicle details with VINs and license plates. Affected companies include AutoHellas, AutoBesikos, KosmoCar, AWT, Karenta AE, QA, Proaxia, Hyundai, BMW, Audi, Kia,
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 4
Compromised Users: 7
Third Party Employee Credentials: 3
External Attack Surface: 161
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse enartiasecurity.net
- abuse papaki.com
- info papaki.com
MX Records
- onedealer-com.mail.protection.outlook.com.
- a165452.mx.mailhop.org.
TXT Records
- google-site-verification=CBJRT7GV9EW68_swJPGbPStigFsT6cmcN2w4Y2wt1bc
- google-site-verification=IcD7DirkqR3_Ns-c5rgYMGh6iSj6I9aEwV1SmBRB05k
- jetbrains-domain-verification=d5vckec39u35hgaiwq2fz26l5
- v=spf1 ip4:20.31.122.42 include:spf.protection.outlook.com include:spf.mandrillapp.com include:spfa.mailendo.com include:spf.lighthouse.gr -all
- MS=ms12358817
- MS=ms27907765
- facebook-domain-verification=tein50iqf9pv7own47yx9ihx2yin56
Cloud / SaaS Services Detected
Microsoft 365
Mandrill