Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo ambitco - finvestambitco Private Banking

Group: Alphv

Discovered by ransomware.live: 2023-07-26

Estimated attack date: 2023-05-02

Country: CO

Description:

We have over 500gb of your data, you work with banks, aubank.in and many others, everyone will be aware of this leak. We have all the data of your clients, those with whom you work, if you do not get in touch, we will put all these files in the public domain.


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • domain.operations web.com
MX Records
  • alt1.aspmx.l.google.com.
  • alt2.aspmx.l.google.com.
  • aspmx.l.google.com.
  • alt3.aspmx.l.google.com.
  • alt4.aspmx.l.google.com.
TXT Records
  • MS=ms63049544
  • MS=ms68222455
  • amazonses:+p8xdUvc8GbPPG29zNEGILOc5xuAB4cyL2hOMXC+g0I=
  • amazonses:x51WVGPGJqJ1Vcg9AiVmoV/YQGS1HL+JUDMv4yp2PKo=
  • apple-domain-verification=l49Yb3E1fZmgl1xn
  • google-site-verification=QZhZ65X4UfnAhV7GjcCPgtDZePDAf5_ukOiv92vNeuI
  • google-site-verification=WnrMUQv8n9vmJWS-YuJHW34cTqS-UuxgrXVllS_2ikA
  • google-site-verification=bdx1pesVNOEa_IMlJ38L2pGaNco12KrKHBudP6QILdU
  • v=BIMI1; l=https://www.ambit.co/_helperapps/bimi.jpg; a=;
  • v=spf1 ip4:167.89.51.251 ip4:49.248.249.46 ip4:123.252.205.179 ip4:35.154.71.249 ip4:182.71.132.74 ip4:3.7.41.184 ip4:182.71.4.24 ip4:182.71.4.27 ip4:15.207.181.0 ip4:13.126.97.168 ip4:180.179.30.81 ip4:182.71.4.25 ip4:35.200.215.65 ip4:15.206.222.80 ip4:" "1" "18.185.175.169 ip" "4:123.252.205.185 include:_spf.google.com include:sendgrid.net include:ncfp.asia ~all
  • AYd16MVtAj7fNbfMv+F3LHRE9wAr0WnuTtRGFbxlems=
  • MS=ms21544819
Cloud / SaaS Services Detected
Apple Amazon SES/WorkMail Microsoft 365 BIMI SendGrid

Leak Screenshot:

Leak Screenshot

Legal Disclaimer: Ransomware.live does not engage in the acquisition, exfiltration, downloading, possession, hosting, access, consultation, redistribution, or disclosure of unlawfully obtained data. This platform indexes only publicly visible information posted by ransomware operators and open web sources without accessing or obtaining the underlying stolen content. The service is provided to support public awareness, legitimate research, and cyber-resilience. No stolen personal or confidential data is collected or distributed via this site.