MinebeaMitsumi Inc

Group: cicada3301

Discovered by ransomware.live: 2025-03-22

Estimated attack date: 2025-03-22

Country: JP

Description:

Status: 20d 19h 5m 16s - Size Data: 3.2 TB


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 50

Third Party Employee Credentials: 0


External Attack Surface: 7


Infostealer Distribution


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse 1api.net
  • info domain-contact.org
  • dommaster mark-i.jp
MX Records
  • mxa-00901c02.gslb.pphosted.com.
  • mxb-00901c02.gslb.pphosted.com.
TXT Records
Cloud / SaaS Services Detected
  • Apple
  • Atlassian
  • Amazon SES/WorkMail
  • Salesforce
  • Cisco Duo
  • Proofpoint
