Seoyon E-Hwa

Group: spacebears

Discovered by ransomware.live: 2024-06-18

Estimated attack date: 2024-04-29

Description:

Seoyon E-Hwa is Korea’s representative automotive interior parts specialized company that has produced door panels, bumpers, seats, headliners, rear parcel shelves, package trays, screen assemblies, and pillar posts both domestically and abroad since its establishment in 1972.

Revenue: $3 Billion

SAP Data Bases, Financial Reports and other Valuable, Confidential Information

xls, pdf, doc, docx, pptx... etc.

https://www.seoyoneh.com/eng/


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 1

Third Party Employee Credentials: 0


External Attack Surface: 0



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse dotnamekorea.com
  • domain dotnamekorea.com
MX Records
  • spam2.seoyoneh.com.
  • ms79424706.msv1.invalid.
  • gw.seoyoneh.com.
  • spam1.seoyoneh.com.
TXT Records
  • v=spf1 ip4:112.170.142.215 ip4:112.170.142.216 ip4:112.170.142.211 ~all
  • google-site-verification=tCaDNctQ1BOy7wJ6FjNe2gOWfVhXrZ9c1ohTegR5k_w
  • MS=A975B10DEE3429AFCAF93E88D209BA53F5B59F6B
  • MS=ms79424706
  • q4r6442gvcyjc503n2t9973042fd0n3v
Cloud / SaaS Services Detected
  • Microsoft 365
