Tata Technologies

Group: hunters

Discovered by ransomware.live: 2025-03-04

Estimated attack date: 2025-03-04

Country: IN

Description:

Exfiltrated data: yes - Encrypted data: no


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 107

Compromised Users: 699

Third Party Employee Credentials: 136


External Attack Surface: 132



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • mx1.hc321-85.ap.iphmx.com.
  • tatatechnologies-com.mail.protection.outlook.com.
  • mx2.hc321-85.ap.iphmx.com.
TXT Records
  • v=spf1 a:mx2.hc321-85.ap.iphmx.com a:mx1.hc321-85.ap.iphmx.com include:_spf.salesforce.com ip4:103.114.204.70 ip4:13.126.94.72 ip4:35.128.38.100 include:spf.protection.outlook.com include:transmail.net include:et._spf.pardot.com -all
Cloud / SaaS Services Detected
  • Amazon SES/WorkMail
  • Microsoft 365
  • Salesforce
