
belfius.be

Group: killsec

Discovered by ransomware.live: 2024-09-05

Estimated attack date: 2024-09-05

Country: BE

Description:

Belfius Bank, founded in 1996 and headquartered in Brussels, Belgium, provides banking services.


🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 13

Compromised Users: 54

Third Party Employee Credentials: 5


External Attack Surface: 26



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • mail.belfius.be.
TXT Records
  • v=spf1 ip4:141.96.0.129 ip4:212.63.232.3 ip4:31.193.177.229 ip4:31.193.177.236 ip4:62.72.101.114 ip4:188.64.79.0/24 ip4:188.93.102.215 ip4:79.174.133.61 ip4:185.18.8.253 ip4:85.158.111.74 include:spf.mandrillapp.com include:servers.mcsv.net include:spf.mailjet.com include:spf.flexmail.eu include:sendgrid.net include:_spf.cmail.ondemand.com -all
Cloud / SaaS Services Detected
  • Adobe
  • Apple
  • Microsoft 365
  • Miro
  • Mandrill
  • Mailjet
  • SendGrid
  • OneTrust
  • Have I Been Pwned
