Buy Me a Coffee

Sponsored by Hudson Rock Use Hudson Rock's free cybercrime intelligence tools to learn how Infostealer infections are impacting your business

Logo forestry.gov.jm

Group: Devman

Discovered by ransomware.live: 2025-10-10

Estimated attack date: 2025-10-10

Country: JM

Description:

Ransom: 200000 USD

🕵️ Infostealer activity detected by HudsonRock

Compromised Employees: 6

Compromised Users: 0

Third Party Employee Credentials: 2

External Attack Surface: 2

Infostealer Distribution

DNS Records:

The following DNS records were found for the victim's domain.

WHOIS Emails
  • No emails found.
MX Records
  • mail.forestry.gov.jm.
  • forestry-gov-jm.mail.protection.outlook.com.
TXT Records
  • ja5q48fqtfrordpv0rf22l0jhk
  • MS=ms91315619
  • gzkk1gr84cn6xys8n3y3nd9nvy8v1syc
  • google-site-verification=471MTHRAdXsRL1Dh9ytvbr2yXMI1-TVB35owZ4y9rss
  • 471MTHRAdXsRL1Dh9ytvbr2yXMI1-TVB35owZ4y9rss
  • OBz8wcmAe7VBVG7mNUtsZcsoyXI2LHAeEBEMBeh+Fm1W+yfg2ZiyV/M7axcCBrf95Fm8allyskFweAA1kTdqmg==
  • v=spf1 ip4:65.183.10.122 ip4:162.214.153.167 ip4:50.6.171.83 include:spf.protection.outlook.com ~all
  • 6sf2g1s4fmdik1a4d6n26gbps4
Cloud / SaaS Services Detected
Microsoft 365

Leak Screenshot:

Leak Screenshot