Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo Wachendorff

Group: Thegentlemen

Discovered by ransomware.live: 2026-02-24

Estimated attack date: 2026-02-24

Country: DE

Description:

wachendorff.de zoominfo.com/c/wachendorff-gebäude/368536587 Wachendorff Unternehmensgruppe specializes in the development and manufacturing of encoders and measurement systems, providing reliable solutions for rotary and linear measurement tasks. They also offer industrial electronics and automation technology, serving as a trusted partner for industrial communication and visualization for over 45 years. Their VISUALYS division focuses on creating data awareness through web and app-based software solutions, emphasizing IIoT, data visualization, and data analysis. The company caters to clients in the German machinery and plant engineering sector, delivering high-quality, robust devices tailored to specific applications


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • mx04.hornetsecurity.com.
  • mx01.hornetsecurity.com.
  • mx02.hornetsecurity.com.
  • mx03.hornetsecurity.com.
TXT Records
  • v=spf1 mx ip4:217.19.186.80/28 ip4:178.77.112.89 include:spf.protection.outlook.com include:spf.eu.exclaimer.net include:spf.hornetsecurity.com include:_spf.online.superoffice.com -all
  • jlfunf03jv2jg092fb5cad7mu7
  • apple-domain-verification=DOhE2cFntGuAEz5U
  • atlassian-domain-verification=1y9daiCzfAEcsjHTCvAsuzrmfZFhWoQUeKjeHBfUhiLVca8lNI59XvJ2j3fkch4J
  • logmein-verification-code=53f4188a-c0e1-4155-8a67-c9429b5964da
  • WZ1GDXQ3JjjVTeKmyE68AzwmtJ2aBzmligZkas4RWQlhXl1i8FSuswt4zb8WusuKrIFajZ4UECVHmuMdMtdj4g==
  • idxR1KNu2qED9zMDh+KdVHYkmcQfZeRFuZdQSSBCg6kr324ZzkBuN+YEfZ/QLEmBAy1weJV0F9QSlWiidLdlmw==
Cloud / SaaS Services Detected
Apple Atlassian LogMeIn Hornetsecurity

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.