Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo NextLabs

Group: play

Discovered by ransomware.live: 2025-08-14

Estimated attack date: 2025-08-14

Country: US

Description:

United States

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 2

Compromised Users: 1

Third Party Employee Credentials: 1

External Attack Surface: 4

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • cluster9.us.messagelabs.com.
  • nextlabs-com.mail.protection.outlook.com.
TXT Records
  • apple-domain-verification=qrER02YH8admp3NC
  • v=spf1 mx ip4:208.185.168.168/32 include:spf.messagelabs.com include:spf.protection.outlook.com include:pb-dynmktg.com include:sent-via.netsuite.com -all
  • atlassian-domain-verification=gkuUuvGz+jRk4oQlSsV+P0fNkWgcjPzqDvWSQlTHSOI3DL+zS8pXojoW8e2r2X-u
  • msfpkey=58zfi6lfboqsp7yizv65pv6ts
  • msfpkey=be5r9x1gw7p8fvpsorwo3jws
Cloud / SaaS Services Detected
Apple Atlassian

Leak Screenshot:

Leak Screenshot