Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Thern

Group: Play

Discovered by ransomware.live: 2025-07-31

Estimated attack date: 2025-07-03

Country: US

Description:

United States


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • thern-com.mail.protection.outlook.com.
TXT Records
  • v=spf1 a mx a:barracuda.wan.databarn.net include:spf.protection.outlook.com ~all
  • wpe-verification=therninc
  • 9H15S34LBSQ62C4SBJA65S7YPF8E45XLR46ZUOT9
  • MS=ms76294455
  • google-site-verification=7-sJrQTeGShKg0ckWtuUTw8xJdo9kLvwhxX3rDV2E3A
  • trend-micro-v1-domain-verification.3668a8a288e5caaba3b48b2b3eb80501=06450ba3-b240-41ed-bc97-f1a784272046
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot