Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo WHEELS.COM

Group: clop

Discovered by ransomware.live: 2025-02-27

Estimated attack date: 2025-02-27

Country: CA

Description:

[AI generated] WHEELS.COM is an automotive services company that specializes in fleet management. They provide a broad range of services intended to simplify vehicle leasing, fleet management, and driver support. They combine expert advice, powerful technology, and data-driven strategies to streamline fleet operations, helping businesses manage their vehicles more effectively while ensuring drivers’ safety and satisfaction. They cater to various sectors including pharmaceutical, infrastructure, and food & beverage.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 75

Third Party Employee Credentials: 14

External Attack Surface: 22


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • mxb-00224801.gslb.pphosted.com.
  • mxa-00224801.gslb.pphosted.com.
TXT Records
  • google-site-verification=FR2eTrkG2a8rTp93mJogx1QxI6O4G0yb2AKjf4-tNIU
  • SFMC-mg1k5-5bGtqLQZwBW4308ZivwCQ8UbdfbTX00oNU
  • rX4omT5haM9hZbDQrRYCmUw4h7Vi+4xvh4D/AuN2CtaWf7M3xC16VeMuNCwlfw5ebDiUU9p75e8KRHeEMuME4w==
  • globalsign-domain-verification=cyY3kR7t7s8-yfbj243Dv_l8Ad2iJAVmnQf3nKNFdr
  • Xmedius-Verfiication=2f4e9f79f322f42f6871b5a8047ff5f2a3a172a3b60403f19d4750dff8e4efd7
  • atlassian-domain-verification=n3Y9pSc+PTXI60IwMr9QOuZ8nFXP+D/OlCVEBdCTpv+AqQeohcz9H5gxUuuk2pfK
  • MS=ms32497836
  • openai-domain-verification=dv-08wuCW3FqY87V7GNUFEx1fch
  • google-site-verification=UZyo-_gWIJx4KsBagvNA0ByJL7Ds6vDNmpzcsyUQaIc
  • smartsheet-site-validation=nfexCDvG8NjI1WYd6X2U5bNoBDvkRYLZ
  • ms-domain-verification=c2682594-80e6-45ba-97b1-12fb50c869a8
  • docusign=32c81745-a24c-4fb7-b15a-b5a7fd13092b
  • v=spf1 include:%{ir}.%{v}.%{d}.spf.has.pphosted.com ~all
  • miro-verification=c1fcc3fb2d9507394ec7fb2b2d05e61766690dc1
  • Dynatrace-site-verification=035c781e-fcf4-4a3e-9e32-57a2e005dbc0__5v4s32svg59d192av6i02n66g9
  • Dynatrace-site-verification=c5614d22-143e-4b00-b95d-9de00f2f888e__9uckeuakkeqt6nv34j57vjvobj
  • qy518zr5rl0cnmxfyb84kskvz06zwrnl
  • SFMC-apqn3AQtMk-jqCSGO4xhEPXkH3u4BZ-v0hECg2pI
  • knowbe4-site-verification=d022422d8afb2cf2184f4cb87dde19bc
  • pardot271202=29f269eb785d38e702a9f1a1baed9c770cf82abf8e100fcddfa34109dde3c172
  • Dynatrace-site-verification=6ed683f3-2b77-4e18-8550-267fa46bce83__51scv04cog205snhcrj30hc9tt
  • cloudflare-verify.wheels.com=262836942-780107158
  • google-site-verification=VPgPZyuG9yaSgCFUATqn67GKqLr3hpZ6jnSGHyZDfKs
  • Foxit-domain-verification=0eb269301577e535d15baa8968d24c68
  • hcp-domain-verification=c8a59891abb01b7dfb24579619f46d322deaff4841ea710d4469491980966ddd
  • MS=ms50540847
  • Dynatrace-site-verification=b3aed7b3-1b0f-475a-8e68-61c80e2c5387__eje3khffrhmg2peitb5957r7j5
Cloud / SaaS Services Detected
Atlassian Microsoft 365 Salesforce Miro KnowBe4 DocuSign Proofpoint