crystalhotels.com.tr
crystalhotels.com.tr
Group: stormous
Discovered by ransomware.live: 2025-05-21
Estimated attack date: 2025-05-21
Country:
Data exfiltrated: 40GB
Description:
Full names of hotel guests a Email addresses (internal and external) Customer complaints and feedback content Booking or reference numbers Internal hotel communication data ......
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 28
Third Party Employee Credentials: 7
External Attack Surface: 4
Infostealer Distribution
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- No emails found.
MX Records
- antispamguard.kristalgrup.com.
- etrn.smarthosthizmeti.com.
TXT Records
- M0zoFBk
- MS=AC5EF90EC6D34CB50EED0B7A3983E699F9E0E21D
- eop2be4rbpv3euf6brm7uvn794
- fzy08bmlpfngjgmj19rw0jx9tgv1qr22
- google-site-verification=GjZUT98qWsd8i0iRM6snZz1FeNpgPN9mdVTUYMqZ7S4
- mandrill_verify.Ctu-DHajlKJrbJyWf36prg
- ttb92mxmh6yb7cc1dy8fklmnqf23sssp
- v=spf1 ip4:213.155.118.72/29 ip4:94.102.78.40/29 ip4:212.58.5.0/24 ip4:212.58.6.0/24 ip4:81.21.172.0/24 ip4:95.0.62.67 include:antispamguard.kristalgrup.com include:spf.mandrillapp.com include:spf.mta01.smarthosthizmeti.com ~all
- vz630cfvff88fs1bkcpg2n0f8hs3wf64
- 0509515tknpxbcn4mddx3v4b9zqxswqq
Cloud / SaaS Services Detected
Mailchimp
Mandrill
Leak Screenshot:
