Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo cydsa.com

Group: lockbit3

Discovered by ransomware.live: 2023-05-03

Estimated attack date: 2023-05-03

Country: US

Description:

Cydsa, S.A.B. de C.V., together its subsidiaries, engages in the production and marketing of salt, chlorine, caustic soda, and refrigerant gases in Mexico, the United States, Canada, Central and South America, Asia, and Europe.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • cydsa-com.mail.protection.outlook.com.
TXT Records
  • nsq3phenelmcl9rt57q41dl7n9
  • do0agqc6eo55tj6e93nevpc5rm
  • lglo53fqr4bn4978i3t30p922g
  • 455IG7PJRnGcfraXYIVa/fxZw1vkptBdF2LikS2S4P4TMVEUPi6hwz5AL0x/SHSspBc3/67Tr1U9CviGZb33QA==
  • v=spf1 mx a a:s4dsap.cydsa.com a:webmail.cydsa.com a:correo.cydsa.com a:mail.cydsa.com a:correo2.cydsa.com ip4:187.141.252.49 ip4:187.141.252.52 ip4:200.23.108.120 ip4:200.23.108.118 ip4:200.94.111.98 include:spf.protection.outlook.com -all
Cloud / SaaS Services Detected
No well-known cloud or SaaS service detected.

Leak Screenshot:

Leak Screenshot