Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Payme Ltd

Group: blacknevas

Discovered by ransomware.live: 2025-08-06

Estimated attack date: 2025-05-24

Country: GB

Description:

Payme Ltd is a CIS payroll and contracting company with FCSA and professional passport accreditation for agencies and contractors.loading the entire company infrastructure, 1030 gigabytes of passport data and financial reports

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 67

Third Party Employee Credentials: 0

External Attack Surface: 7

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • payme-co-uk.mail.protection.outlook.com.
TXT Records
  • v=spf1 mx a include:spf.protection.outlook.com include:authsmtp.com include:cmail1.com include:i4services.uk -all
  • MS=ms37273364
  • 814d9de3e1314958a72d8c85ebb98df8
  • sophos-domain-verification=176605cb0a65a8f2da5491f0c206c0dd521e5be003a662aaa107db0281a47366
  • lZ/hVBxNotgPc0b/d5/rVE/AI7JIDebSSzS/KQ3qD0c1aiHPILDEDimbcED2dx1ZQqGGoH+1g2O2cl0YRPOyEw==
  • as=1203519136
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Leak Screenshot:

Leak Screenshot