Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo PT Pertamina

Group: killsec

Discovered by ransomware.live: 2024-12-20

Estimated attack date: 2024-12-20

Country: ID

Description:

N/A

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1495

Compromised Users: 26510

Third Party Employee Credentials: 613

External Attack Surface: 200


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse enom.com
MX Records
  • mx0.pertamina.com.
TXT Records
  • google-site-verification=8Bx47pDr8O2O2xjd70u0QNe8eYR9qqEacilPvkYyKfE
  • MS=B4BC1AB77DAC47B33D1A4C45972AC1593671F926
  • app-pertamina.azurewebsites.net.
  • FEB4628D3B2507B534FE1FCAB54ADBBD2EBD1C8EA5B53A1B3D0C96B6688CB1E6
  • f4mb/2uAVTpOtzusCghBYrEz5l/Yc9H4rccY1B0/tcRVDHvIbaLvRTIYNTr7bJmk6rRkn+EBUQNSlihErdMnFQ==
  • google-gws-recovery-domain-verification=52809464
  • MS=ms89339536
  • w2pfmch1hmj505gsst3jhvkvt4vfj675
  • 6vz2b6vml8dcr4pc32n7gdh1sgjlqxyx
  • google-site-verification=UFohwTqXAbb2rkbQfUsiYqUfBRII-NF1tzyxV-cmz-Q
  • jhqclkcftqr3m5xf5n3n8cjrfzfc1lt7
  • 2257759d-0184-4a30-960b-54bd94d96d9b
  • v=spf1 a:mx6.pertamina.com a:mx7.pertamina.com a:o1.mxs3.pertamina.com include:spf.protection.outlook.com include:spf.messagelabs.com include:spf.mailtarget.co ip4:202.20.106.191 ip4:202.20.106.201 ip4:202.20.107.201 ip4:202.20.106.202 ip4:202.20.107.202 " "exists:%{i}.spf.hc1444-54.ap.iphmx.com -all
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot