MBS Secure
MBS Secure
Group: Qilin
Discovered by ransomware.live: 2025-10-09
Estimated attack date: 2025-10-09
Country:
Description:
MBS Secure, Ntiva - Ignore your teeth and they'll go away. The same goes for customers. If you leak their confidential data online, they'll leave. That's what happened to MBS Secure, a cybersecurity company. It has many customers, including i ...
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 1
Third Party Employee Credentials: 1
External Attack Surface: 2
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- domain.operations web.com
MX Records
- us-smtp-inbound-1.mimecast.com.
- us-smtp-inbound-2.mimecast.com.
TXT Records
- v=spf1 a:smtp.ultipro.com ip4:69.10.48.106 ip4:150.136.185.32 include:us._netblocks.mimecast.com include:spf.ntiva.com include:spf.protection.outlook.com include:3012736.spf02.hubspotemail.net include:sendgrid.net include:spf.us.exclaimer.net -all
- bw=i+xiv/9ymL6/VNpSdWLhS2XvTs10NCdbx+uFG/lJMidM
- MS=ms41366075
- apple-domain-verification=5X7UzmddQeGZa4QIaOsqUEdc91EYiXd-nqkJbptZGn0
- google-site-verification=simQPPaOPj39rMcZxJ76jeeXukOhYU9yDu-vefD2nHI
- google-gws-recovery-domain-verification=44559329
- 11500463E04527572F89BD2A7267330426B2580295A7137C1EB7E3E596FFF221
- apple-domain-verification=UwgJiX4e8m93sMKQ
- google-site-verification=TajSb2Qr0L4KNQvwDUmVm3gOAGbeNMHYbRPBHz3kZKc
- google-site-verification:j2nRFTiBkkzvnn77XnAUA9yuGIEH9e8_ZgRF8qdk-I8
- google-site-verification=EekXgamDZVQWe5PaKH_DnaiHzuxhBkLBDQ1Rsumnz-w
- twilio-domain-verification=a4372157d8f7b6021d6d1bfe4a7146d7
Cloud / SaaS Services Detected
Apple
HubSpot
Microsoft 365
Twilio
SendGrid
Mimecast
Leak Screenshot:
