Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

Schmidt's

schmidts.at
Group Incransom
Discovered 2025-11-25
Est. attack date 2025-11-25
Country AT
City Dornbirn

Description:

SCHMIDT'S is a specialized market that offers a wide array of products and services for house, garden, crafts, and industry, boasting over 130 years of tradition and quality. They cater to both private and business clients, providing expert advice and tailored solutions from their extensive product range. The company's services include workshop support, delivery, eBusiness solutions, and a strong focus on customer satisfaction and reliability. SCHMIDT'S is dedicated to maintaining long-lasting partnerships and fostering a family-oriented company culture. Over 100GB of data was extracted: contracts, clients, payment data, PII, and bank transfers.

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • schmidts-at.mail.protection.outlook.com.
TXT Records
  • globalsign-domain-verification=ab14f6054f5fdbad09b41f601d50672c
  • google-site-verification=uRe0hIZekmMJBhoERkDbB-BgBHDG5-PuWOwSAZpb8sg
  • offensity-domain-verification=0cc19d4507f6ee2043f246024ae03eb4841a4e12eb295c38259d9aee91496200
  • v=spf1 mx a:owa.schmidts.at a:smtp.schmidts.at a:schmidts.at a:notification.fortinet.net ip4:83.64.145.35 ip4:85.126.165.235 ip4:193.228.122.60 include:spf.protection.outlook.com include:spf-westeu.emailsignatures365.com include:secureserver.net -all
  • MS=18E98B36A6B3B3C75EB2D6A6C166DB4CFCE4997B
  • MS=ms52541073
  • brevo-code:1b394ce62d12d35cb1fc2edcdd5543ed
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.