Contact us Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are leading to ransomware attacks

Logo

WholeHealth Chicago

www.wholehealthchicago.com
Group Cmdorganization
Discovered 2026-05-15 11:50 UTC
Est. attack date 2026-05-15
Country US

Description:

WholeHealth Chicago is a leading healthcare practice specializing in integrative, functional, and alternative medicine. They offer a wide range of services including internal medicine, chiropractic care, nutritional counseling, and various therapies aimed at promoting overall health and well-being. Their intended clients include individuals seeking personalized and holistic approaches to health, particularly those interested in combining conventional and alternative treatments. The practice is known for its patient-centered care, where providers work collaboratively with patients to develop tailored treatment plans.
Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 1

Third Party Employee Credentials: 2

External Attack Surface: 1

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abusegodaddy.com
MX Records
  • wholehealthchicago-com.mail.protection.outlook.com. Microsoft 365
TXT Records
  • v=spf1 ip4:173.236.243.233 ip4:104.49.71.180 ip4:162.167.249.36 include:spf.protection.outlook.com include:cmail1.com include:zcsend.net -all
  • k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiM31pSlAnXKfgEwcE4MGw8kh5yOWlLIZdDfbWTVuYiKhQG8207ozSVAFv/9VcMv/7pxQEN1iFXiyrQUCYo2Q6A0OGxLh4fbk8tP1rRq37Ajn0wnc3OMlcU59llRYiJ0uodwvxF9N1q4IiT0mv3Ih6vMUoh/yvbT0qodmOBxTT4wIDAQAB
  • google-site-verification=briNpFo7CaggMXVaoY2d-h4iz0r4Trnl_6k7sZwumso
  • Sendinblue-code:92d25a02df31f6b1e9f27a2002a265c4
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.