
Seoul Guarantee Insurance

Group: gunra

Discovered by ransomware.live: 2025-08-18

Estimated attack date: 2025-08-18

Country: KR

Data exfiltrated: 13.2TB

Description:

[AI generated] Seoul Guarantee Insurance (SGI) is a South Korean company specializing in credit and guarantee insurance for businesses. It offers insurance cover for trade, construction, and small to medium-sized businesses. It also provides surety bonds, credit guarantees, and financial services. Other services include reinsurance, loan guarantees, export insurance, and retail insurance products. The company was established in 1969 and is based in Seoul, South Korea.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 845

Third Party Employee Credentials: 1


External Attack Surface: 66


Infostealer Distribution


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • mailmx.sgic.co.kr.
TXT Records
  • v=spf1 ip4:203.229.175.100 ip4:203.229.175.101 ip4:203.229.175.102 ip4:121.128.224.13 ip4:121.128.224.23 ip4:121.128.224.99 ip4:203.229.175.114 ip4:203.229.175.118 ip4:121.128.224.102 ip4:121.128.224.101 ip4:203.229.175.65 ip4:203.229.175.66 ip4:203.229.175.67 ip4:121.128.224.100 ip4:203.229.175.115 ip4:203.229.175.116 ip4:118.216.173.131 ip4:121.128.224.99 -all
  • MS=FDC0F09A92EA6B5AEF8D853A9C212515E5F2E405
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.
