Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Nok Air

Group: alphv

Discovered by ransomware.live: 2023-07-26

Estimated attack date: 2022-11-20

Description:

We have stolen 500 GB of data, you have exactly one week to contact us, otherwise the data will be published!


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • nokair-com.mail.protection.outlook.com.
TXT Records
  • \009 google-site-verification=bASCu7v62ndb7FBUKUeZIkHGhzxEG-8mdWMxeh_hLZI
  • v=spf1 ip4:210.86.181.20 ip4:210.86.181.27 ip4:210.86.181.28 ip4:210.86.181.29 include:spf.protection.outlook.com include:sendgrid.net include:amazonses.com ~all
  • google-site-verification=MWxzTYfyU_Q2X2SJ0RTrOZNlyydg6oza7J8S7FjhTWU
  • amazonses:Q0guC4hSAHKquP9xK9uuF5H7Uud84jNouaaOsKy4grg=
  • MS=ms89783719
  • google-site-verification=QsOYsKVFnWc2XmjVinlLAacNk4oxTdE9q_NS61V3Ex0
  • amazonses:XQ4QlnbE0z6OYWGBOQ0Cn45KWUQnpwEN/wXbneAJlDQ=
Cloud / SaaS Services Detected
Amazon SES/WorkMail Microsoft 365 SendGrid

Leak Screenshot:

Leak Screenshot