Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

National Civil Service Commission of Colombia

cnsc.gov.co
Group Kazu
Discovered 2025-11-11 13:20 UTC
Est. attack date 2025-11-10
Country CO

Description:

The official portal of the Comisión Nacional del Servicio Civil (CNSC), Colombia’s National Civil Service Commission. This government body is responsible for overseeing the recruitment, selection, and management of public servants in the country. It ensures that hiring for government positions is fair, transparent, and based on merit. The site provides essential information about job openings in the public sector, application processes, and the regulations that govern public service employment in Colombia. It serves as a key resource for individuals seeking to apply for civil service positions or learn about public sector employment in Colombia
Infostealer activity detected by HudsonRock

Compromised Employees: 19

Compromised Users: 63729

Third Party Employee Credentials: 32

External Attack Surface: 103

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuseregistrocolombia.co
MX Records
  • cnsc-gov-co.mail.protection.outlook.com. Microsoft 365
TXT Records
  • google-site-verification=16fJ0fNkWV4zA7yprDE890cYT1uwk_iXBjeab8KfRPE
  • google-site-verification=w6JPWjRXdmDQ2cdcI0RByNHlkLmAw6h4oP4UcsgGdDs
  • v=spf1 ip4:8.242.147.103/32 ip4:8.242.147.99/32 include:spf.rpost.net include:spfdm-us-east-1.aliyun.com mx:cnsc.gov.co include:spf.protection.outlook.com -all
  • MS=ms80821487
  • jt64r0c0q3d21csffr8f1umkr2
  • kPSUUDP6kM7izTjj6iXBOqEDprWukgRjWqlk7uI9B177wvlyDgDniqQue/+bXC05z5Vi1QKUrhZqra1VCQhBXQ==
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.