bellgroup.co.uk

Group: cactus

Discovered by ransomware.live: 2023-12-29

Estimated attack date: 2023-12-22

Country: GB

Description:

Download link #1: https://***************.onion/AIRDRIE/PROOF 



DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • mx1.mtaroutes.com.
  • mx2.mtaroutes.com.
  • mx4.mtaroutes.com.
  • mx3.mtaroutes.com.
TXT Records
  • MS=E31CCE809AD806BE3F5D110FEC6B2D0877963AB9
  • h0pbh0gblghbhg8ku87gb2kcdv.
  • hg1bkiemrnlvvleikkb5v1ghn
  • MS=ms45981434
  • vl2thtm2n31jj21i9nuj38ss6i
  • qou9a44tqor70r1io53okd79kl
  • v=spf1 include:_u.bellgroup.co.uk._spf.dmarclf.com -all
  • 9bgp3ppuvs8siraqe2bmleu4pn
  • 30p7av3lk2big7n8sf091raplu
  • apple-domain-verification=NWcrjXH1Cnn8B0Cg
Cloud / SaaS Services Detected
  • Apple
  • Microsoft 365
