XChief / ForexChief
XChief / ForexChief
Group: Killsec
Discovered by ransomware.live: 2025-09-28
Estimated attack date: 2025-09-28
Country:
Description:
N/A
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 637
Third Party Employee Credentials: 0
External Attack Surface: 23
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse godaddy.com
MX Records
- mx.postal.forexchief.com.
- inbound-smtp.us-east-1.amazonaws.com.
TXT Records
- v=spf1 a mx include:amazonses.com include:spf.postal.forexchief.com ~all
- google-site-verification=10fzGrmR6pD6k_P2dpCN9eJ3KslGzcnpapu4wRR68Vg
- google-site-verification=Lz4SVBiTfYcpHCAmyIZazk6xey-TOJluzw7msk69k9k
- google-site-verification=c0GSAHDteafDx9RauQcqX_YCav3sEHFK9hI-j4q6QPw
Cloud / SaaS Services Detected
Amazon SES/WorkMail
Leak Screenshot:
