Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo cisin.com

Group: J

Discovered by ransomware.live: 2025-06-20

Estimated attack date: 2025-06-11

Country: IN

Description:

[AI generated] Cyber Infrastructure Pvt. Ltd. (CIS), known as cisin.com, is an IT service provider company that develops and delivers customized solutions in software development, mobile app development, AI, and cloud solutions. With the help of its 1000+ experts, CIS offers a unique blend of offshore and onshore client engagement models for startups, SMEs, and large enterprises worldwide. It is headquartered in India with multiple global offices.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 1

Compromised Users: 48

Third Party Employee Credentials: 3

External Attack Surface: 53

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • trustandsafety support.aws.com
  • 9229f0e3-b0a3-4caf-a144-166706326c1d identity-protect.org
MX Records
  • aspmx3.googlemail.com.
  • aspmx.l.google.com.
  • alt1.aspmx.l.google.com.
  • alt2.aspmx.l.google.com.
  • aspmx2.googlemail.com.
TXT Records
  • google-site-verification=a8cNEptxs4bFdJia51I9TglW26m7anMdMHJOsrqe7tk
  • v=spf1 include:_spf.google.com include:amazonses.com include:servers.mcsv.net mx ~all
Cloud / SaaS Services Detected
Amazon SES/WorkMail

Leak Screenshot:

Leak Screenshot