Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Marmotech

Group: Dragonforce

Discovered by ransomware.live: 2025-10-27

Estimated attack date: 2025-10-18

Country: DO

Description:

It owns and manages eight quarries that include marble, travertine, limestone and coralline stones that are processed with state-of-the-art European technology. Consequently precision of designs and cut is ensured by employing the use of machinery operated with CAD/CAM technology for the manufacturing of all products. In performing both extraction and processing tasks, our corporation is committed to the development of a sustainable mining industry that is based on environmental protection policies that have deserved the acknowledgement of our clients. Marmotech exports its products to America, Europe and the Middle East: namely United Kingdom, Italy, Spain, Israel, Brazil, Argentina, Venezuela, Canada, and United States as well as to nearly the entire Caribbean region.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 3

Third Party Employee Credentials: 7

External Attack Surface: 2

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • info nic.do
MX Records
  • marmotech-com-do.mail.protection.outlook.com.
TXT Records
  • MS=ms68133463
  • v=spf1 +a +mx +ip4:148.113.198.95 +ip4:167.114.170.5 +ip4:144.217.11.216 +include:spf.protection.outlook.com -all
  • vkvfjcy31584s69qtc63wz985jk140sx
  • _gpfnvj8ca1gjtyesl7m2umeq9gpvvow
  • 7lqzmhy67z2pj05x8d7tz2c5nwkdm16n
  • bhbgp21k97nj8yw11pp1wh6vndc2r5j9
  • vb0cx1bc7mjzmgqzv1b681vys2hpxrwj
  • _gpgaqx6w6cizx5ekp2kgn4s0gdl0w0y
  • _yjcy7ad97qkt1byb351ke9y9bmsqs2y
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.