SK Telecom

Group: Coinbasecartel

Discovered by ransomware.live: 2025-09-15

Estimated attack date: 2025-09-15

Country: KR

Description:

South Korea's largest wireless carrier, offering mobile services, broadband, IPTV, and cutting-edge AI and IoT solutions.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 50

Compromised Users: 609

Third Party Employee Credentials: 11


External Attack Surface: 118



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse gabia.com
MX Records
  • spmail.sk.com.
TXT Records
  • E8kOQeX6ugARshENkoQaFNcQ8ZkpCFCJSRaiKTh71yGgFM8Z+FZI/HryKfTvIa6DTG+3Uy6L+8C0ugN2ucIX5w==
  • MS=ms31428633
  • v=spf1 ip4:220.103.255.156/31 ip4:220.103.255.36 ip4:203.236.20.104/29 ip4:203.236.1.80/28 ip4:203.236.20.1/26 ip4:203.236.1.102/31 ip4:203.236.1.192/27 ip4:211.188.154.57 ip4:3.34.13.255 ip4:223.62.24" "0.136/31 ip4:203.236.20.242/31 ip4:10.179.23.201 ip4:223.39.117.3 ip4:223.39.117.4 include:mnservicemail1.sktelecom.com include:spf.protection.outlook.com -all
  • google-site-verification=rfz4DwqqWLR5vHN9iCTpy85b3fTbNZ4ev8TIVRj8L5g
  • google-site-verification=XA67vT9CQx-d_DlXZ-qaWMO0dvYQZC9ZAjfgmPXVU5g
  • google-site-verification=kACDvWPcEqC9jqq9xtvYeJKPJ-GsqpQzuEtZhjMDzJ8
  • google-site-verification=3tFTxBrIp9V-E8sVrbDwFvRj-Dn5KWmrH38MdW0FYlU
Cloud / SaaS Services Detected
  • Microsoft 365
