Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo VITAMIX.COM

Group: Clop

Discovered by ransomware.live: 2025-11-13

Estimated attack date: 2025-11-13

Country: US

Description:

[AI generated] Vitamix is a renowned American company that specializes in the production of high-performance blending technology for both home and commercial use. Recognized for its high-quality, durable and versatile blenders, Vitamix aims to promote healthy living with products that can blend, grind, chop, churn, heat, and more with incredible precision. Their products are the preferred choice for many professional chefs and home cooks around the world.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 4

Compromised Users: 289

Third Party Employee Credentials: 4

External Attack Surface: 86

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse cscglobal.com
MX Records
  • mail3.mxsmtp.com.
  • mail2.mxsmtp.com.
  • mx.us.mailmarshal.cloud.
  • mail4.mxsmtp.com.
TXT Records
  • cisco-ci-domain-verification=bb98dde910109fc3bb14f001eda6c4db236f7fdd4a55137fca540d9924b1e5d
  • adobe-idp-site-verification=d068a62d178bd8e17f67a1823e4d699a1783589d41b98f1ec0d410d382070a37
  • v=spf1 include:spf.us.mailmarshal.cloud include:_spf.salesforce.com include:mailgun.org ip4:209.94.89.38 ip4:12.17.146.130 ip4:74.142.62.162 include:spf.protection.outlook.com -all
  • ms-domain-verification=30c7a970-a961-4467-9955-25d93b4eceb5
  • dell-technologies-domain-verification=vitamix.com_e10328e7-c07f-400c-b79b-77213fddf7a6_1689471353
  • docusign=fab34b50-4c5a-4620-aadb-a19285eb93fc
  • MS=1BA957D4BF63DCC77D6699C0E1552C6635EDEEE1
  • atlassian-domain-verification=EIawGjaxLNyzunI81bMXeERCpVhBoKVnYtlEXX3lnNRUso7n0DaXSwoIFamAulet
  • Y8jvx3p4jo6nza5gajltg6c42bvue4
  • smartsheet-site-validation=n2GJ-umu1vpMMCeWkJLsB1DkOO3RbWkX
  • webexdomainverification.4C675B88D41AB136E053AB06FC0A3F65=49b23304-a626-49f2-8db6-72804cffee48
  • google-site-verification=YihiVfkZaq8oBuw5U8IZ5PObJPUobn9QbodhklICo20
  • atlassian-domain-verification=CckUMSbNU8MZpUTmWHWFqv5TJPVvBKm7esqz0SGaN1w5yuOa0jOjkPU3PnYRLb4Z
  • t4sm0l5zdpk8kf9tbtq4df4qy5tnqsf4
Cloud / SaaS Services Detected
Adobe Atlassian Salesforce Mailgun Cisco DocuSign Cisco Webex

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.