Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo acfin.cl

Group: cactus

Discovered by ransomware.live: 2024-05-13

Estimated attack date: 2024-04-04

Country: CL

Description:

Download link #1: https://***************.onion/ACFIN/PROOFMirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/ACFIN/PROOFDATA DESCRIPTIONS: Client confidential data - agreements\reports etc., Personal identification Information (passports, DL, etc), financial statements\reports, executives personal data, security officer private photos and files, etc.

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 0

Compromised Users: 37

Third Party Employee Credentials: 0

External Attack Surface: 10


DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • acfin-cl.mail.protection.outlook.com.
TXT Records
  • MS=ms37538649
  • v=spf1 ip4:200.27.54.114 include:spf.protection.outlook.com -all
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot