WAT Supplies
WAT Supplies
Group: play
Discovered by ransomware.live: 2025-05-26
Estimated attack date: 2025-05-23
Description:
Canada
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 1
Compromised Users: 0
Third Party Employee Credentials: 0
External Attack Surface: 1
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- us1-smtp-mx2.titanhq.com.
- watsupplies-com.mail.protection.outlook.com.
- us1-smtp-mx1.titanhq.com.
TXT Records
- Future A record to: 15.197.225.128
- MS=ms37683909
- Service: _autodiscover Protocol: _tcp Port Number: 443 Host: mail.watsupplies.com
- lvrth9137dkj2leet512dvhhkf
- pf35v66lkik1uu9as53phko81o
- qmil8bb5pmm32cak8acqrhr1li
- v=spf1 include:spf.protection.outlook.com include:_spf.vianet.ca -all
Cloud / SaaS Services Detected
Microsoft 365
Leak Screenshot:
