Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo TeamLease

Group: nightspire

Discovered by ransomware.live: 2025-05-22

Estimated attack date: 2025-05-21

Country: IN

Data exfiltrated: 100 GB

Description:

TeamLease (India)

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 3

Compromised Users: 7139

Third Party Employee Credentials: 54

External Attack Surface: 102

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • abuse godaddy.com
MX Records
  • alt3.aspmx.l.google.com.
  • alt4.aspmx.l.google.com.
  • alt1.aspmx.l.google.com.
  • alt2.aspmx.l.google.com.
  • aspmx.l.google.com.
TXT Records
  • v=spf1 ip4:115.117.50.1 ip4:115.117.50.2 ip4:121.243.47.194 ip4:115.117.108.154 ip4:103.139.159.242 ip4:168.245.104.97 ip4:168.245.123.153 include:_spf.salesforce.com include:_spf.google.com include:transmail.net.in include:zoho.in include:zcsend.in ~all
Cloud / SaaS Services Detected
Salesforce