champeau.com

Group: cactus

Discovered by ransomware.live: 2024-09-06

Estimated attack date: 2024-07-19

Country: CA

Description:

Download link #1: https://***************.onion/JMCINTERNET/PROOF/

Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/JMCINTERNET/PROOF/

DATA DESCRIPTIONS: Personal Identifiable Information, employees\executives personal data, engineering documents\projects\drawings, customer information, financial documents, corporate correspondence, etc.



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domainabuse tucows.com
  • dns netrevolution.com
MX Records
  • champeau-com.inbound.emailservice.cc.
  • champeau-com.inbound.emailservice.co.
  • champeau-com.inbound.emailservice.io.
TXT Records
  • v=spf1 include:spf.us.emailservice.io ip4:35.169.41.199 ip4:198.46.87.228 include:spf.protection.outlook.com include:8670338.spf02.hubspotemail.net ip4:149.72.137.232 ip4:149.72.188.204 ip4:167.89.1.65 ip4:168.245.47.229 ip4:35.231.189.43 -all
  • j3lci143ruh1i827ln8c6es9a7
Cloud / SaaS Services Detected
  • HubSpot
