Tan Chong Motor Holdings Berhad
Tan Chong Motor Holdings Berhad
Group: crypto24
Discovered by ransomware.live: 2025-07-16
Estimated attack date: 2025-07-09
Country:
Description:
We have exfiltrated over 300GB of sensitive data, including Customer databases (all dbs of tanchong - NAV, BRASSTAX, VTS, CRM, E-INVOICE,...),Legal and HR documents, Financial and employee records, Contractual documents with partners and customers.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 9
Compromised Users: 86
Third Party Employee Credentials: 63
External Attack Surface: 42
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- compliance_abuse webnic.cc
- lawrence.wong tanchonggroup.com
MX Records
- tanchonggroup-com.in.tmes.trendmicro.com.
- tanchonggroup-com.mail.protection.outlook.com.
TXT Records
- brevo-code:b56eb170cd1a662b51e59e19fab3d71c
- MS=ms69170145
- MS=916EA967D3A739C9FDD585C9F43D99A6124EFDFE
- VXXGUHJNMD9U21BAM287EPMDM30SF0I4OSWO4WSO
- MS=ms46685854
- v=spf1 " "include:spf.protection.outlook.com " "include:spf.tmes.trendmicro.com " "include:_spf.firebasemail.com " "include:_spf.mlsend.com " "ip4:211.25.100.128/25 " "ip4:202.188.134.0/25 " "ip4:113.161.58.214 " "ip4:210.245.3.167 " "ip4:202.188.134.12 " "ip4:210.245.3.162 " "ip4:113.160.87.34 " "ip4:118.69.187.65 " "~all
- firebase=tceas-mobile
- 63P155CNGV4369AHVA4KXBNN9DBEIQBUTZQFLRIT
- amazonses:HflR3XoW4D9gCs+4Qtk8yxPH1557AYRFvtuNt0fBfhM=
- tmes=4122ef3fa00c68a73870a95cbe8c9a8a
- google-site-verification=q0Qdd2EoAMQ4JxvSCAhHaHha4-YRe6QNkzScfDYX9yA
- W2UBOVMLAJXR68CK39AT0XF9REIOIBYBE1HVC9PQ
Cloud / SaaS Services Detected
Amazon SES/WorkMail
Microsoft 365