chroma.com.tw

Group: Warlock

Discovered by ransomware.live: 2025-09-16

Estimated attack date: 2025-09-16

Country: TW

Description:

all data


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 6

Compromised Users: 18

Third Party Employee Credentials: 2


External Attack Surface: 35




DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • ppspam.chroma.com.tw.
  • ppspam3.chroma.com.tw.
  • ppspam2.chroma.com.tw.
TXT Records
  • openai-domain-verification=dv-r3HET81WHNmgeEVcBYhVKKP1
  • _47b8w2albnz4z0ny9772wfw5wmwckkd
  • v=spf1 mx ip4:60.248.21.84 ip4:219.87.155.84 ip4:60.248.21.83 ip4:219.87.155.5 ip4:219.87.155.13 ip4:60.248.21.73 ip4:61.63.128.25 include:spf.protection.outlook.com -all
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.