Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Warisan TC Holdings Berhad

Group: crypto24

Discovered by ransomware.live: 2025-07-16

Estimated attack date: 2025-07-09

Country: MY

Description:

We have exfiltrated over 300GB of sensitive data, including Customer databases (all dbs of wtc - TOURPLAN, CRM, E-INVOICE,...),Legal and HR documents, Financial and employee records, Contractual documents with partners and customers.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • compliance_abuse webnic.cc
  • reg_458343 whoisprotection.cc
  • adm_458343 whoisprotection.cc
  • tec_458343 whoisprotection.cc
MX Records
  • tanchonggroup-com.in.tmes.trendmicro.com.
  • warisantc-com.mail.protection.outlook.com.
  • tanchonggroup-com.mail.protection.outlook.com.
TXT Records
  • 03stjwt2kbyp3g7371ltxg08sm3t9b60
  • MS=ms10713144
  • VXXGUHJNMD9U21BAM287EPMDM30SF0I4OSWO4WSO
  • tmes=286954802eed84ed993150f0e235069d
  • v=spf1 include:spf.protection.outlook.com include:spf.tmes.trendmicro.com include:_spf.google.com ~all
Cloud / SaaS Services Detected
Microsoft 365