grupatopex.com
grupatopex.com
Group: cactus
Discovered by ransomware.live: 2024-03-18
Estimated attack date: 2024-02-23
Country:
Description:
Download link #1: https://***************.onion/ALFA/PROOF/Mirror: https://cactus5dqnqkppa5ayckiyk6dttpqwczdqphv5mxh4dkk5ct544q5aad.onion/ALFA/PROOF/DATA DESCRIPTIONS: Database exports, executive managers personal data, corporate data, financial documents, personal identification information, client information and much more.
🕵️ Infostealer activity detected by HudsonRock
Compromised Employees: 0
Compromised Users: 1
Third Party Employee Credentials: 1
External Attack Surface: 0
DNS Records:
The following DNS records were found for the victim's domain.
WHOIS Emails
- abuse-contact publicdomainregistry.com
- gdpr-masking gdpr-masked.com
MX Records
- grupatopex-com.mail.protection.outlook.com.
TXT Records
- v=spf1 mx a ip4:193.17.200.0/24 ip4:51.83.254.21/32 include:_spf.mlsend.com include:spf.protection.outlook.com include:_spf.getresponse.com include:_spf.strefagtx.pl include:_spf.jupiter.salesmanago.pl -all
- MS=ms59704525
- apple-domain-verification=w8VAhrQK8l9tAm4R
- google-site-verification=6QqwnW-54-fSC2YlYwOeKmypp8Z8X-JEUOvpVhy4V9s
- MS=ms53367130
Cloud / SaaS Services Detected
Apple
Microsoft 365
Leak Screenshot:
