Pond Security

Group: Alphv

Discovered by ransomware.live: 2023-09-26

Estimated attack date: 2023-09-26

Country: DE

Description:

Pond Security is a security firm that neglected the banal norms of cybersecurity. In this regard, we managed to infiltrate the servers of this company and download a huge archive of data (400 gb). This archive contains: Correspondence of the employees of this company with such important bodies as NATO, US Army, US Embassy in Berlin. Data on arms purchases. Guidelines for the protection of important German facilities, including nuclear facilities, banks, military facilities. Photos of important facilities in Germany. Documents related to the U.S. Army. Documents related to NATO. And much more....



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse-domains cronon.net
  • abuse strato.de
MX Records
  • pondsecurity-com01b.mail.protection.outlook.com.
TXT Records
  • v=spf1 a mx include:spf.protection.outlook.com include:spf.coredinate.de include:_spf.salesforce.com -all
  • 2rqg9l70e3tp2dl5dr3vope1qe
  • MS=ms31822272
  • cisco-ci-domain-verification=89dedc88a24336da6f4d843ac45f011544ead0265a4a4a38d2106d2fbfd7225
Cloud / SaaS Services Detected
  • Microsoft 365
  • Salesforce
  • Cisco
