USGS

Group: fog

Discovered by ransomware.live: 2025-03-06

Estimated attack date: 2023-07-12

Country: US

Data exfiltrated: 1.9 TB

Description:

Extract from The 19 biggest gitlabs


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 13

Compromised Users: 53328

Third Party Employee Credentials: 3


External Attack Surface: 104


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • security doi.gov
MX Records
  • usgs-gov.mail.protection.outlook.com.
TXT Records
  • amazonses:iCXvgYeeCTBsNF5P4aaQq/gAJE3NWJAehnOg3OAoBJY=
  • docker-verification=0b575962-d656-47f4-8fd5-5175fe2f364b
  • v=spf1 include:_spf.usgs.gov include:_spf.doi.gov include:spf.protection.outlook.com include:amazonses.com include:spf-na.exlibrisgroup.com include:servers.mcsv.net include:oclcspf1.oclc.org include:oclcspf2.oclc.org include:_spf.ears.usgs.gov include:mail.zendesk.com -all
Cloud / SaaS Services Detected
Amazon SES/WorkMail
