Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo fnde.gov.br brazilian government

Group: babuk2

Discovered by ransomware.live: 2025-03-11

Estimated attack date: 2025-03-11

Country: BR

Description:

fnde.gov.br brazilian government

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 51

Compromised Users: 3027

Third Party Employee Credentials: 38

External Attack Surface: 123

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • fnde-gov-br.mail.protection.outlook.com.
TXT Records
  • _globalsign-domain-verification=ZgWgi0dltgVgW6kQFRQPHQ2ij8SVG9R5_RPnAdFIs2
  • atlassian-domain-verification=vXHzU4LN2b6EcDnWfcyCUjXF6OX7lLInc11WWh3JNXNMLKn6zL5u6Hc3xapNrtc5
  • MS=ms66921541
  • QGJ54Da2VGDvIryBsrmpLOAXR9Cq5OMm4+veEtWvzsY=
  • ReImzVc0n0CtAO++KN0Tcsj0SOO8p8conjLh3suCmEtYywgJS91Q26odjn/CaLUzIPs+hIqV2RBsSTSCQ6j9zg==
  • v=spf1 ip4:172.21.1.0/24 ip4:172.20.0.0/16 ip4:200.130.5.111 ip4:200.130.5.3 include:spf.protection.outlook.com -all
Cloud / SaaS Services Detected
Atlassian Microsoft 365

Leak Screenshot:

Leak Screenshot