Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo Transsion Holdings

Group: hellcat

Discovered by ransomware.live: 2025-03-29

Estimated attack date: 2025-03-29

Country: CN

Description:

We hold almost 70GB of sensitive data from Transsion, a leading mobile device provider with $8.6B in revenue. This includes emails, internal communications, source codes, project planning, and data from Transsion and its partners.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 23

Compromised Users: 1774

Third Party Employee Credentials: 381

External Attack Surface: 112

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • DomainAbuse service.aliyun.com
MX Records
  • transsion-com.mail.protection.outlook.com.
TXT Records
  • MS=ms82920406
  • google-gws-recovery-domain-verification=61560790
  • google-site-verification=hQ-Ln1SZ15cFaBIPjgGWltY173HyNcaiF31qPLhphZE
  • google-site-verification=tgoRpgUejun5y8YDPjlaD0PnzTFjOXx0Qjy0HHzvPkk
  • v=spf1 include:spf.protection.outlook.com -all
  • IGI9gm2lt9Tfe8ddjF6cPRQCtnePL4YDN0MAAZx+A1g74V71apgmOCRJi8Nun9nLdujofyFdbwSbtOYIi43eGQ==
Cloud / SaaS Services Detected
Microsoft 365